What is HIPAA?

The Health Insurance Portability and Accountability Act, also known as HIPAA, is a federal law that was enacted in 1996 that addresses how Covered Entities are to safeguard the privacy and security of patients’ information.  It was amended in 2009 by the Health Information Technology for Economic and Clinical Health Act (HITECH) and again in 2013 with the issuance of the Omnibus Final Rule.

Who Must Comply with HIPAA?

All Covered Entities, including most health care providers and others, who carry out one or more of the covered transactions enumerated in HIPAA.  Business Associates who work with health care providers and other Covered Entities and who have access to protected health information are also subject to HIPAA.


  • Medical and health care staff
  • Medical equipment companies
  • Medical billing and transcription companies
  • EMR vendors
  • Pharmacies
  • IT companies
  • Attorneys
  • Janitorial companies
  • Records/Storage facilities
  • Anyone who has access to protected health information

What is Texas HB300? 

Texas HB300 (Texas House Bill 300) is a bill that was passed in Texas in 2011 that amended several state laws which address privacy.  It has resulted in far stricter requirements for patient privacy than those found under HIPAA.   Texas HB300 went into effect on September 1, 2012 and was subsequently amended in June 2013.  Under one of the Texas privacy laws that was amended by Texas HB300, employees are now required to be trained on state and federal privacy laws any time a privacy law is changed or enacted that impacts an employee’s job responsibilities but no later than one year after the new law goes into effect.  Newly hired employees are required to be trained within 90 days of the employee’s hire date.

Who must comply with Texas HB300?

Under one of the laws that was amended by Texas HB300, the definition of a Covered Entity is much broader than the definition found under HIPAA and includes any individual or organization that:

  • Engages in the practice of assembling, collecting, analyzing, using, evaluating, storing or transmitting PHI and includes any person who maintains an Internet site;
  • Comes into the possession of PHI
  • Obtains or stores PHI
  •  Is an employee, agent or contractor of a person described in 1-3 above if they create, receive, obtain, maintain, use or transmits PHI

Certain entities are exempt from complying with Texas HB300.  For a list of exempt entities, please refer to Tex. Health & Safety Code §181.001, et seq. or contact Elmore & Associates, PLLC.

Our firm’s training (both live and webinar training) addresses both HIPAA and Texas HB300.  We also offer a separate training course that specifically addresses Texas HB300 and several of the laws it amends that are relevant to health care providers and business associates who provide products or services to the health care industry who are considered Covered Entities under Texas privacy law.

Why is HIPAA and Texas Privacy Law training important to me?

HIPAA and Texas House Bill 300 require Covered Entities and Business Associates to train their workforce on federal and state privacy laws.  To minimize your risk of penalties and fines for violations under HIPAA and relevant Texas privacy law and, most importantly, to learn how to better safeguard and protect your patients and clients’ protected health and sensitive personal information, get your HIPAA/Texas privacy law training through Elmore & Associates, PLLC today.     

Why Healthcare Providers and Business Associates Should Choose Elmore & Associates, PLLC for HIPAA/Texas HB300 training?

The attorneys at Elmore & Associates, PLLC have been representing health care providers and medical entities for more than 20 years and the majority of their practice is now devoted to serving the health care industry with its privacy and security concerns.   Our goal is to offer you the required HIPAA and Texas HB300 training in as efficient, easy and painless a manner as possible and at an affordable price.  We hope you will give one of our training options a try.  We think you will find that, unlike some of the vendors who offer HIPAA training, our course will provide you with in depth, up-to-date and practical information on the various privacy laws that affect your practice and business that you will be able to take back to the office and utilize immediately.

Why Choose Elmore & Associates, PLLC?

  • More than 20 years’ experience representing health care providers and medical entities
  • Majority of practice devoted to HIPAA and Privacy Law
  • Training provided by licensed attorneys
  • Training is comprised of up-to-date information on HIPAA and Texas HB300 and various Texas privacy laws
  • Use of training materials that are interesting to attendees and easy to understand
  • Training includes real-world examples and useful information for the attendees to utilize immediately
  • Individual, group and customized on-site training available
  • Numerous HIPAA/Texas HB300 training options available for your convenience
  • Reasonably priced and group discounts available
  • Phone and email support available
  • In addition to training, our firm provides an extensive range of HIPAA and Texas Privacy Law services including the mandated HIPAA Risk Analysis and other HIPAA related documents.  Our privacy documents are drafted with the specific needs of our clients in mind – unlike some vendors, we do not merely provide you with forms that require completion – we prepare documents that are customized to fit your particular needs.   For a list of health care related services we provide, please click here.