Your caregivers document visits on tablets, share care plans between shifts, and communicate on the go. They need HIPAA training that covers the real risks of home-based care.
Start 14-day free trialYour aides use phones and tablets at the point of care. One lost device, one unlocked screen left on a kitchen counter, one photo in the wrong app -- that's a reportable breach.
When the agency tablet dies mid-visit, staff reach for their personal phone. Visit notes in personal apps, patient photos in camera rolls, care plan screenshots in text threads -- all HIPAA violations.
Shift changes mean sharing patient updates. Your morning aide texts the evening aide about medication changes. Without a secure channel, every handoff is a potential breach.
Care plans and visit logs in the back seat, left in unlocked cars, carried in open bags. Paper PHI outside your office is the hardest risk to control -- and the easiest for auditors to spot.
Short audio-narrated lessons with knowledge checks. Your home health aides, visiting nurses, and coordinators complete it between visits -- not dragged across weeks of reminders.
See which caregivers are trained, who's overdue, and who just onboarded. Pull audit-ready reports when accreditation surveyors or state inspectors ask.
New hire? Expiring certificate? EZBunny sends reminders so you never have to track down a caregiver between patient visits about their overdue training.
Every certificate has a unique ID and a public verification link. When state health departments or accreditation bodies ask, they can confirm it in seconds.
No per-seat charges. No hidden fees. Cancel anytime.
Home health workers using mobile devices to access or document PHI must follow HIPAA's Security Rule. Devices must have encryption enabled, strong passcodes or biometric locks, automatic screen timeout, and remote wipe capability. Using personal devices requires a written BYOD policy. Staff should never store patient information in personal notes apps, text messages, or photo galleries.
Documenting on personal devices is only permitted if the agency has a BYOD policy meeting HIPAA requirements: device encryption, passcode protection, remote wipe, and approved apps. Visit notes should go directly into the agency's HIPAA-compliant EHR -- never in personal notes, texts, or photos. If a personal device is lost, the agency must be able to remotely wipe PHI from it.
Care team communication involving PHI must use HIPAA-compliant channels. Standard texts, personal email, and consumer messaging apps are not compliant. Use encrypted messaging platforms with audit trails and BAAs. For urgent verbal communication, confirm you're in a private setting and avoid using patient full names in voicemails.
Every home health aide, visiting nurse, therapist, and administrative staff member who handles PHI must receive HIPAA training covering the Privacy Rule, Security Rule, and breach notification procedures. Training is required at hire and when policies change. Annual refresher training is a best practice and may be required by state regulations or accreditation bodies.
Paper records must be transported in locked bags or containers, never left unattended in vehicles, and returned to the agency or securely destroyed after use. Carry only the minimum records necessary for the visit. Lost or stolen paper records containing PHI must be reported as a potential breach.
OASIS assessments, care plans, visit documentation, and discharge summaries are all PHI under HIPAA. They must be created, stored, and transmitted using compliant systems. When completing OASIS assessments in a patient's home, position your device so others cannot read the screen. Care plans shared between providers must go through secure channels with BAAs in place.
Takes minutes to set up. Your 14-day free trial starts right away.
Start 14-day free trialEZBunny provides HIPAA awareness training for educational purposes. We do not collect, store, or process Protected Health Information (PHI). Completion certificates show that training was completed but do not guarantee regulatory compliance on their own. We recommend consulting a qualified compliance professional for your specific obligations.