25+ Compliance Training Courses. One Subscription.
HIPAA, OSHA, workplace safety, fraud prevention, cybersecurity, and state-specific training - all in one subscription. Your team can finish their required courses in one sitting.
Start free trialCourse Library
Showing all courses
HIPAA Privacy Rule Training
Learn how patients' rights, permissible uses of PHI, and required safeguards apply to every member of your workforce.
35 min
HIPAA Security Rule Training
Master the technical and administrative safeguards that protect electronic PHI, from risk analysis to workforce responsibilities. Proposed changes (expected 2026) may expand these requirements.
35 min
Telehealth Privacy & Compliance
Essential for teams delivering virtual care - state telehealth laws, platform security requirements, and consent obligations unique to remote visits.
20 min
42 CFR Part 2: Protecting Substance Use Disorder Records
Substance use disorder records follow stricter privacy rules than standard PHI. Consent requirements, disclosure limits, what your team can and can't share.
20 min
Business Associate Awareness
Your guide to HIPAA Business Associate relationships - what makes a vendor a BA, what agreements are required, and how your team should manage them.
20 min
Sexual Harassment Prevention Training
Prepare your staff to recognize prohibited conduct, fulfill reporting obligations, and understand employer responsibilities under Title VII and state laws.
25 min
Workplace Violence Prevention
De-escalation techniques, threat recognition, and reporting procedures. Your team handles difficult situations - here's how to keep everyone safer.
25 min
OSHA General Safety for Healthcare
Everything your team needs to know about OSHA rights, hazard identification, injury recording, and the general duty clause for healthcare workplaces.
15 min
OSHA Hazard Communication (HazCom)
GHS labels, Safety Data Sheets, right-to-know rules. Your team works with chemicals every day. Here's what they need to know.
15 min
Emergency Preparedness
Emergency response plans, evacuation procedures, continuity of care. What does your team do when something goes wrong? This course answers that.
15 min
Cybersecurity Awareness for Healthcare
Most data breaches start with human error. Build your team's defenses against social engineering, weak passwords, and other common attack vectors.
20 min
Phishing & Risk Analysis
Stop the most common cyberattack in healthcare. Learn to spot phishing attempts and conduct basic risk assessments to protect electronic patient data.
20 min
AI Safety & Smart Use in Healthcare
Reduce your risk of AI-related data privacy incidents. Covers responsible use in clinical and administrative workflows, bias awareness, and governance.
15 min
Bloodborne Pathogens (OSHA)
Required knowledge for clinical staff - exposure control plans, universal precautions, PPE use, and post-exposure procedures mandated by OSHA.
20 min
Infection Control & Prevention
Standard precautions, hand hygiene, sterilization, transmission-based protocols. The basics that keep patients and staff safe.
25 min
TB Prevention for Healthcare Workers
Essential for teams with occupational exposure risk - TB transmission, skin testing requirements, respiratory protection, and workplace exposure controls.
15 min
CMS Fraud, Waste & Abuse (FWA)
Protect your organization from False Claims Act violations, anti-kickback risks, and CMS fraud penalties in Medicare and Medicaid billing.
25 min
Compliance, Ethics & Fraud
Build your team's understanding of the seven OIG compliance program elements, ethical decision-making, and fraud awareness for healthcare organizations.
25 min
Mandatory Reporting (Abuse & Neglect)
Every healthcare worker has a legal duty to report suspected abuse and neglect. Learn to recognize the signs, document properly, and follow reporting procedures.
20 min
Documentation & Medical Records Compliance
Accurate records protect against audit findings. Documentation standards, retention requirements, and billing accuracy - what your team needs to get right.
20 min
Texas HB 300
Required for Texas healthcare employers - HB 300 consent rules for marketing, stricter ePHI protections, and penalties up to $1.5M per incident.
15 min
California CMIA + SB 1299
California imposes privacy protections stricter than federal HIPAA. Learn the CMIA and SB 1299 rules that apply to California healthcare employers.
15 min
New York State Compliance
Covers New York-specific requirements for licensed health professionals - infection control, mandatory reporting, harassment prevention, and workplace violence.
20 min
Florida HIV/AIDS
Required for Florida healthcare practitioners at initial licensure and CE renewal - mandatory HIV/AIDS training under FL Statute 381.0034.
15 min
Illinois: Two additional courses required for healthcare employers
Sexual Harassment Prevention (IL addendum) - Illinois requires annual sexual harassment prevention training for all employees under the Illinois Human Rights Act (IHRA). Illinois healthcare employers must use Illinois-specific training that covers state law requirements beyond federal Title VII.
Workplace Violence Prevention (IL addendum) - Illinois healthcare facilities are required to provide workplace violence prevention training under the Healthcare Violence Prevention Act (775 ILCS 2). This is a state-specific requirement in addition to federal HIPAA and OSHA training obligations.
Age-Appropriate Care
Every patient deserves age-appropriate treatment. Developmental and psychosocial considerations from pediatric to geriatric - practical guidance your team can use.
15 min
Cultural Competency & Health Literacy
Better outcomes start with culturally responsive care. Train on language access obligations and health literacy practices that reduce disparities.
15 min
Advanced Healthcare Directives
Your guide to living wills, healthcare proxies, DNR orders, and honoring patient advance care planning documents in clinical practice.
15 min
Find Your Training Plan
Answer three quick questions and we'll show you exactly what training your team needs.
What type of practice do you run?
Select your practice type to see relevant training recommendations.
Where do you operate?
Select states to include state-specific training requirements. State modules currently cover CA, TX, FL, NY, and IL.
Which roles are on your team?
Select all roles that apply. We'll build a training plan for each.
Your Training Plan
| Course | Status | Duration |
|---|
Training requirements vary by organization type, size, state, payer mix, and accreditation. This is a general guide, not legal advice. Consult your compliance officer for requirements specific to your organization.
Training by Practice Type
See which courses are required or recommended for your practice specialty.
Physician Practices & Medical Groups - 18 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA |
| CMS FWA | Required | CMS (if billing Medicare/Medicaid) |
| Compliance, Ethics & Fraud | Recommended | OIG |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | CMS |
| Infection Control | Recommended | OSHA + state boards |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Phishing & Risk Analysis | Recommended | HIPAA Security |
| Cultural Competency | Recommended | HRSA / State |
| TB Prevention | Recommended | OSHA |
| Telehealth Privacy | Recommended | HIPAA |
| AI Safety | Recommended | Emerging Standards |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required for applicable license types. If you operate in New York: New York State Compliance applies to licensed providers. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for this practice type.
Dental Offices - 15 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA (high exposure) |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA (chemicals, mercury, disinfectants) |
| Infection Control | Required | State dental boards + OSHA |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | Dental board |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| TB Prevention | Recommended | OSHA (aerosol-generating procedures) |
| Cultural Competency | Recommended | State (CA, NY, NJ) |
| CMS FWA | Recommended | CMS (if billing Medicaid) |
| Emergency Preparedness | Recommended | State dental board CE |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies to licensed dental professionals. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for dental offices.
Urgent Care Centers - 17 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA |
| Infection Control | Required | OSHA, AAAHC (if accredited) |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| CMS FWA | Recommended | CMS (if billing Medicare/Medicaid) |
| Compliance, Ethics & Fraud | Recommended | OIG |
| Documentation & Medical Records | Recommended | CMS |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Emergency Preparedness | Recommended | AAAHC (if accredited) |
| TB Prevention | Recommended | OSHA |
| Workplace Violence Prevention | Recommended | OSHA |
| Telehealth Privacy | Recommended | HIPAA |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for urgent care centers.
Home Health Agencies - 19 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA |
| CMS FWA | Required | CMS CoP |
| Compliance, Ethics & Fraud | Required | OIG |
| Mandatory Reporting | Required | State Law |
| Infection Control | Required | CMS CoP |
| Emergency Preparedness | Required | CMS CoP |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | CMS CoP |
| TB Prevention | Recommended | OSHA |
| Cultural Competency | Recommended | HRSA / State |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Telehealth Privacy | Recommended | HIPAA |
| Age-Appropriate Care | Recommended | CMS |
| Advanced Healthcare Directives | Recommended | Federal |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for home health agencies.
Behavioral Health & SUD Treatment - 18 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| 42 CFR Part 2 | Required | SAMHSA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| Compliance, Ethics & Fraud | Required | OIG |
| CMS FWA | Required | CMS (if billing Medicare/Medicaid) |
| Mandatory Reporting | Required | State Law |
| Workplace Violence Prevention | Required | OSHA / CARF |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | CARF / Joint Commission |
| Cultural Competency | Recommended | CARF |
| Emergency Preparedness | Recommended | CARF |
| Infection Control | Recommended | OSHA |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Advanced Healthcare Directives | Recommended | Federal |
| Telehealth Privacy | Recommended | HIPAA |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for behavioral health facilities.
Chiropractic Offices - 12 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | Chiropractic board |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| CMS FWA | Recommended | CMS (if billing Medicare/Medicaid) |
| Infection Control | Recommended | State boards + OSHA |
| Cultural Competency | Recommended | State (CA, NY, NJ) |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for chiropractic offices.
Physical Therapy & Rehab Clinics - 14 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | CMS / State PT board |
| CMS FWA | Recommended | CMS (if billing Medicare/Medicaid) |
| Compliance, Ethics & Fraud | Recommended | OIG |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Infection Control | Recommended | OSHA + state boards |
| Cultural Competency | Recommended | State (CA, NY, NJ) |
| Telehealth Privacy | Recommended | HIPAA |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for PT/rehab clinics.
Ambulatory Surgery Centers - 13 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA |
| Infection Control | Required | CMS CoP / AAAHC |
| Emergency Preparedness | Required | CMS CoP |
| CMS FWA | Required | CMS (if billing Medicare/Medicaid) |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Documentation & Medical Records | Recommended | CMS |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for ASCs.
Pharmacies - 11 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| OSHA HazCom | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| CMS FWA | Required | CMS Medicare Part D |
| Compliance, Ethics & Fraud | Required | DEA + OIG |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Bloodborne Pathogens | Recommended | OSHA (if offering immunizations) |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Documentation & Medical Records | Recommended | Pharmacy board |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for pharmacies.
Mental Health Private Practices - 14 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| 42 CFR Part 2 | Required | SAMHSA (if treating SUD) |
| Documentation & Medical Records | Recommended | State licensing boards |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| Phishing & Risk Analysis | Recommended | HIPAA Security |
| Telehealth Privacy | Recommended | HIPAA |
| Cultural Competency | Recommended | State (CA, NY, NJ) |
| CMS FWA | Recommended | CMS (if billing Medicare/Medicaid) |
| Compliance, Ethics & Fraud | Recommended | OIG |
| Advanced Healthcare Directives | Recommended | Federal |
Note: OSHA clinical safety courses (Bloodborne Pathogens, HazCom, General Safety) are not listed because office-based mental health practices typically have no bloodborne pathogen or chemical exposure risk.
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for mental health practices.
Community Health Centers (FQHCs) - 15 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Bloodborne Pathogens | Required | OSHA |
| OSHA General Safety | Required | OSHA |
| OSHA HazCom | Required | OSHA |
| CMS FWA | Required | CMS / Federal |
| Compliance, Ethics & Fraud | Required | OIG |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| Cultural Competency | Required | HRSA |
| Infection Control | Recommended | OSHA |
| Emergency Preparedness | Recommended | HRSA |
| Business Associate Awareness | Recommended | HIPAA |
| Cybersecurity Awareness | Recommended | HIPAA Security |
| TB Prevention | Recommended | OSHA |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for FQHCs.
Telehealth Providers - 12 courses applicable
| Course | Status | Authority |
|---|---|---|
| HIPAA Privacy Rule | Required | HIPAA |
| HIPAA Security Rule | Required | HIPAA |
| Telehealth Privacy & Compliance | Required | HIPAA + State |
| Cybersecurity Awareness | Required | HIPAA Security |
| Phishing & Risk Analysis | Required | HIPAA Security |
| Business Associate Awareness | Required | HIPAA |
| Mandatory Reporting | Required | State Law |
| Sexual Harassment Prevention | Required | Title VII + state laws |
| CMS FWA | Recommended | CMS (if billing Medicare/Medicaid) |
| Compliance, Ethics & Fraud | Recommended | OIG |
| Documentation & Medical Records | Recommended | CMS |
| AI Safety | Recommended | Emerging Standards |
If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required. If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention and IL Healthcare Violence Prevention addendums apply.
State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here.
Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for telehealth providers.
Regulatory Disclaimer
Training requirements vary by organization type, size, state, payer mix, and accreditation. This guide reflects common federal and state requirements as of March 2026 and is not legal advice. Consult your compliance officer or legal counsel for requirements specific to your organization. State-specific content currently covers CA, TX, FL, NY, and IL. Additional states may have requirements not listed here. Last reviewed: March 2026.