what are the HIPAA Training the Minimum Necessary Standard

July 9, 2019 0 By theindianblogger

HIPAA also known as the Health Insurance Portability and Accountability Act of 1996 is a law in US that maintains privacy measures for safeguarding the medical information regarding the patient details and practice. There are minimum necessary standards set that allow the employers to protect their practice and ask them not to disclose any information regarding the same. The rules are flexible enough to accommodate any ifs and buts of the company. 


The privacy rule is designed in such a way that it takes reasonable steps to protect and safeguard the information associated with health. But the minimum necessary standard is not applicable on the following: 

  • Disclosures to or requests by a health care provider for treatment purposes.  
  • Disclosures to the individual who is the subject of the information.  
  • Uses or disclosures made pursuant to an individual’s authorization.  
  • Uses or disclosures required for compliance with the Health Insurance Portability and Accountability Act (HIPAA) Administrative Simplification Rules.  
  • Disclosures to the Department of Health and Human Services (HHS) when disclosure of information is required under the Privacy Rule for enforcement purposes.  
  • Uses or disclosures that are required by other law.  


HIPAA privacy policy also covers the information of people who wants to access the data. Their information is stored as well. For instance, if for any medical reason, the doctor wants to access the medical history of the patient, he/she can do so by following the guidelines as laid down by HIPAA. The doctors, nurses and selected staff of the hospital can have the access to the information only when required, information shared is limited. In certain situations, the Privacy Rule allows a doctor or a nurse who has the permission to view the information only if the party allows the information to be disclosed. Such requests are only permissible only when: 

  • A public official or agency who states that the information requested is the minimum necessary for a purpose permitted under 45 CFR 164.512 of the Rule, such as for public health purposes (45 CFR 164.512(b)).
  • Another covered entity.
  • A professional who is a workforce member or business associate of the covered entity holding the information and who states that the information requested is the minimum necessary for the stated purpose. 
  • A researcher with appropriate documentation from an Institutional Review Board (IRB) or Privacy Board.


There are a number of organizations out there in the market that can provide HIPAA training, yet it becomes difficult to choose the right one. We at compliances group offer HIPAA Compliance Certification for employers who are looking for HIPAA training. We take trainings annually so that there is no employee who is not aware of the content of the training. We have the best HIPAA Security Training and are one of the popular ones for HIPAA training in NYC. We offer HIPAA training 101, employers documentation and attestation as well as guidance on procedures and guidelines in HIPAA training.