The HIPAA Rules are flexible and scalable to accommodate the enormous range in types and sizes of entities that must comply with them. This means that there is no single standardized program that could appropriately train employees of all entities.
Free CME Training to Educate Providers about the HIPAA Right of Access
OCR has launched a video training module for health care providers on patients’ right of access under the HIPAA Privacy Rule.  The video module provides an in-depth review of the components of the HIPAA right of access and ways in which it enables individuals to be more involved in their own care.  The module provides helpful suggestions about how health care providers can integrate aspects of the HIPAA access right into medical practice. Upon completion of this activity, participants will receive free Continuing Medical Education (CME) credit for physicians and Continuing Education (CE) credit for health care professionals.  The program requires registration but is free of charge.’s Guide to Privacy and Security of Electronic Health Information provides a beginners overview of what the HIPAA Rules require, and the page has links to security training games, risk assessment tools, and other aids.
State Attorneys General Training materials provide a more comprehensive overview of HIPAA compliance:

Want to learn more about the HIPAA Privacy & Security Rules?  Sign Up for the OCR Privacy & Security Listserv

OCR has established two listservs to inform the public about health information privacy and security FAQs, guidance, and technical assistance materials. We encourage you to sign up and stay informed.

Content created by Office for Civil Rights (OCR)
Content last reviewed on January 10, 2018