25% off all training courses Offer ends July 30, 2026
View HIPAA Courses
25% off all training courses
View HIPAA Courses
Offer ends July 30, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

PJ Murray

PJ Murray is the founder and publisher of The HIPAA Journal. He has more than 10 years of experience writing about HIPAA, healthcare compliance, patient privacy, and the protection of medical records. Through The HIPAA Journal, PJ helps healthcare organizations, business associates, and their employees better understand HIPAA regulations, reduce compliance risks, and strengthen the safeguards used to protect patient information. PJ has a background in software development, holds an engineering degree, and specializes in the cybersecurity aspects of HIPAA compliance, including data security, medical record protection, and workforce training. He has also played a leading role in the development and launch of The HIPAA Journal Training, which provides HIPAA and cybersecurity training for healthcare organizations, business associates, students, and healthcare-related workforces. His work focuses on making complex regulatory and technical requirements easier for healthcare professionals and organizations to understand and apply in practice. You can connect via LinkedIn.

How to Choose the Right HIPAA Training for Remote Workers?
Aug11

How to Choose the Right HIPAA Training for Remote Workers?

Choose HIPAA training for remote workers that comprehensive regarding HIPAA rules and regulations, but is also role based and scenario driven, covers remote specific risks like home workspace privacy, messaging, video calls, personal devices, and unapproved online tools, includes short knowledge checks, and produces clear completion and assessment records you can quickly provide during audits or investigations. Remote and hybrid work is now normal across healthcare, including billing, scheduling, utilization review, care coordination, coding, and some clinical services. That shift changes how Protected Health Information (PHI) and electronic PHI (ePHI) is accessed, discussed, stored, and transmitted. It also changes what effective HIPAA training needs to accomplish. The goal is not to check a box. Good training helps remote staff make the right choices in real conditions: distractions at home, shared spaces, multiple apps, and fast patient communications. Training that builds practical judgment and produces strong documentation helps reduce avoidable incidents and strengthens your...

Read More
Would your HIPAA training survive an OCR investigation?
Feb26

Would your HIPAA training survive an OCR investigation?

When the Office for Civil Rights (OCR) reviews your HIPAA training during an investigation into a HIPAA violation, it is looking for proof that your workforce has been trained on all of the rules and regulations that apply to your operations, not just a high-level primer. At a minimum, OCR expects privacy training on the HIPAA Privacy Rule requirements, plus an organization-wide HIPAA security awareness and training program under the HIPAA Security Rule. OCR investigators will also check that employees understand the HIPAA Breach Notification Rule and how your organization meets its obligations when something goes wrong and there is a potential HIPAA violation. These are not soft expectations: the HIPAA Privacy Rule requires training “as necessary and appropriate” regarding protected health information, and the HIPAA Security Rule requires a security awareness and training program for all workforce members, including management. OCR Reviews Training Curriculum From the outset, OCR reviews whether the curriculum actually covers the rules in full and maps them to day-to-day employee...

Read More
x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist