Site navigation

Page sections

20+ Compliance Training Courses. One Subscription.

HIPAA, OSHA, workplace safety, fraud prevention, cybersecurity, and state privacy-law training for California, Texas, and New York - all in one subscription. Your team can finish their assigned courses in one sitting.

Start your free trial

Course Library

Showing all courses

Privacy

HIPAA Privacy Rule Training

Learn how patients' rights, permissible uses of PHI, and required safeguards apply to every member of your workforce.

45 min

HIPAA

Privacy

HIPAA Security Rule Training

Technical and administrative safeguards for electronic PHI - risk analysis, access controls, and workforce responsibilities. Proposed changes (expected 2026) may expand these requirements.

50 min

HIPAA

Privacy

Telehealth Privacy & Compliance

Essential for teams delivering virtual care - state telehealth laws, platform security requirements, and consent obligations unique to remote visits.

25 min

HIPAA

Privacy

42 CFR Part 2: Protecting Substance Use Disorder Records

Substance use disorder records follow stricter privacy rules than standard PHI. Consent requirements, disclosure limits, what your team can and can't share.

25 min

SAMHSA

Privacy

Business Associate Awareness

What makes a vendor a Business Associate, what agreements are required, and how your team should manage BA relationships.

25 min

HIPAA

Safety

Sexual Harassment Prevention Training

Prepare your staff to recognize prohibited conduct, fulfill reporting obligations, and understand employer responsibilities under Title VII and state laws.

30 min

Title VII

Safety

Workplace Violence Prevention

De-escalation techniques, threat recognition, and reporting procedures for healthcare settings where staff face difficult situations daily.

35 min

OSHA

Safety

OSHA General Safety for Healthcare

Everything your team needs to know about OSHA rights, hazard identification, injury recording, and the general duty clause for healthcare workplaces.

20 min

OSHA

Safety

OSHA Hazard Communication (HazCom)

GHS labels, Safety Data Sheets, and right-to-know rules for teams that work with chemicals and hazardous materials daily.

20 min

OSHA

Safety

Emergency Preparedness

Emergency response plans, evacuation procedures, and continuity of care. What your team needs to know when something goes wrong.

25 min

OSHA / CMS

Technology

Cybersecurity Awareness for Healthcare

Most data breaches start with human error. Build your team's defenses against social engineering, weak passwords, and other common attack vectors.

25 min

HIPAA Security

Technology

Phishing & Risk Analysis

Stop the most common cyberattack in healthcare. Learn to spot phishing attempts and conduct basic risk assessments to protect electronic patient data.

25 min

HIPAA Security

Technology

AI Safety & Smart Use in Healthcare

Responsible AI use in clinical and administrative workflows - data privacy, bias awareness, and governance for healthcare teams.

20 min

Emerging Standards

Clinical

Bloodborne Pathogens (OSHA)

Required knowledge for clinical staff - exposure control plans, universal precautions, PPE use, and post-exposure procedures mandated by OSHA.

30 min

OSHA

Clinical

Infection Control & Prevention

Standard precautions, hand hygiene, sterilization, transmission-based protocols. The basics that keep patients and staff safe.

30 min

OSHA

Clinical

TB Prevention for Healthcare Workers

Essential for teams with occupational exposure risk - TB transmission, skin testing requirements, respiratory protection, and workplace exposure controls.

20 min

OSHA / CDC

Compliance

CMS Fraud, Waste & Abuse (FWA)

Protect your organization from False Claims Act violations, anti-kickback risks, and CMS fraud penalties in Medicare and Medicaid billing.

25 min

CMS / OIG

Compliance

Compliance, Ethics & Fraud

The seven OIG compliance program elements, ethical decision-making, and fraud awareness for healthcare organizations.

30 min

OIG

Compliance

Mandatory Reporting (Abuse & Neglect)

Coming soon. Not available to start yet.

Compliance

Documentation & Medical Records Compliance

Documentation standards, retention requirements, and billing accuracy. What gets flagged in audits and how to get it right.

25 min

CMS / State

Patient Care

Age-Appropriate Care

Developmental and psychosocial considerations from pediatric to geriatric patients. Practical guidance your clinical team can apply.

25 min

CMS / Joint Commission

Patient Care

Cultural Competency & Health Literacy

Language access obligations, health literacy practices, and culturally responsive care that reduces disparities.

25 min

HRSA / State

Patient Care

Advanced Healthcare Directives

Your guide to living wills, healthcare proxies, DNR orders, and honoring patient advance care planning documents in clinical practice.

20 min

Federal / State

State

Texas HB 300

Required for Texas healthcare employers - HB 300 consent rules for marketing, stricter ePHI protections, and penalties up to $1.5M per year for a pattern of violations.

20 min

Texas Law Meets HB 300 training

State

California CMIA + SB 1299

California imposes privacy protections stricter than federal HIPAA. Learn the CMIA and SB 1299 rules that apply to California healthcare employers. SB 1299 workplace-violence prevention is a separate requirement your facility builds and trains on its own.

25 min

California Law Meets CMIA privacy SB 1299: awareness

State

New York State Compliance

Covers New York's privacy layers on top of HIPAA: the SHIELD Act data-security rules, Mental Hygiene Law Article 33 mental health record protections, and Public Health Law 27-F HIV confidentiality.

25 min

New York Law Meets NY privacy training

State

Florida HIV/AIDS

Coming soon. Not available to start yet.

State

Illinois Health Care Violence Prevention

For covered Illinois facilities only: hospitals, retail health care facilities, and state veterans homes under 210 ILCS 160. Most practices are not covered and follow OSHA's general duty clause instead. This is educational awareness; covered facilities must run their own OSHA-aligned program and training to satisfy the mandate.

10 min

Illinois Law Awareness course

California: Stricter privacy and workplace safety rules

The Confidentiality of Medical Information Act (CMIA) imposes consent, authorization, and penalty rules beyond federal HIPAA for all California healthcare employers. SB 1299 adds workplace violence prevention requirements specifically for hospitals and acute care facilities. Staff need training on both state and federal obligations.

EZBunny's training is for your organization's compliance program. It is not approved by the California Board of Registered Nursing, Medical Board of California, or Dental Board of California for individual continuing education (CE) credit. Licensed California practitioners must complete their CE-renewal hours through a state-board-approved CE provider.

Texas: Broader scope and stricter deadlines than federal HIPAA

HB 300 expands who counts as a covered entity, requires training within 90 days of hire (not just "reasonable time"), and adds penalties up to $1.5 million for patterns of noncompliance. If you operate in Texas, your team needs state-specific training on top of federal HIPAA.

EZBunny's training is for your organization's compliance program. It is not approved by the Texas Board of Nursing, Texas Medical Board, or other Texas licensing boards for individual continuing education (CE) credit. Licensed Texas practitioners must complete their CE-renewal hours through a state-board-approved CE provider.

Florida: HIV/AIDS training required for licensure

Florida requires every licensed healthcare practitioner to complete HIV/AIDS training at initial licensure and as part of continuing education renewal under FL Statute 381.0034. This applies to physicians, nurses, dentists, and most allied health professionals.

EZBunny's HIV/AIDS training is for your organization's compliance program. It is not approved by the Florida Board of Nursing or other state licensing boards for individual continuing education (CE) credit. Florida nurses, dentists, and other licensed practitioners must complete their CE-renewal hours through a state-board-approved CE provider.

New York: Additional requirements for licensed professionals

New York layers the SHIELD Act, Mental Hygiene Law Article 33, and Public Health Law 27-F on top of federal HIPAA. This course covers those state privacy protections; other New York mandates (infection control CE, mandatory reporting) are separate requirements met through their own approved courses.

EZBunny's training is for your organization's compliance program. It is not approved by the New York State Board of Nursing or the New York State Education Department Office of the Professions for individual continuing education (CE) credit. Licensed New York practitioners must complete their CE-renewal hours through a state-board-approved CE provider.

Illinois: State-specific training requirements

Sexual Harassment Prevention (IL addendum) - Illinois requires annual sexual harassment prevention training for all employees under the Illinois Human Rights Act (IHRA). This training must meet the state's IDHR model standard (775 ILCS 5/2-109), with Illinois-specific content beyond federal Title VII. Our sexual harassment course is Title VII-level awareness, so it does not meet the Illinois standard on its own; use a course built to the IDHR model to satisfy that mandate.

Health Care Violence Prevention (Illinois) - The Illinois Health Care Violence Prevention Act (210 ILCS 160) requires a workplace violence prevention program only at covered facilities: hospitals, retail health care facilities (clinics located inside retail stores), and state-operated veterans homes. If you run one of those, EZBunny offers Illinois Health Care Violence Prevention as a standalone course. Independent practices and outpatient clinics are not covered and follow OSHA's general duty clause instead.

EZBunny's training is for your organization's compliance program. It is not approved by the Illinois Department of Financial and Professional Regulation (IDFPR) for individual continuing education (CE) credit. Licensed Illinois practitioners must complete their CE-renewal hours through a state-board-approved CE provider.

Find Your Training Plan

Answer three quick questions and we'll show you exactly what training your team needs.

What type of practice do you run?

Select your practice type to see relevant training recommendations.

Where do you operate?

Select your states to add state-specific courses. State modules are available for CA, TX, FL, NY, and IL; see each course for what it covers.

Which roles are on your team?

Select all roles that apply. We'll build a training plan for each.

Your training plan, by role

Each pill is a role the course applies to. Hover or tap for the full name.

CourseStatusAssigned toDuration

Browse the rest of the 20+ catalog as awareness courses. We track your learning, not your required-training clock.

Training requirements vary by organization type, size, state, payer mix, and accreditation. This is a general guide, not legal advice. Consult your compliance officer for requirements specific to your organization.

Training by Practice Type

See which courses are required or recommended for your practice specialty.

Physician Practices & Medical Groups - 18 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA
CMS FWARequiredCMS (if billing Medicare/Medicaid)
Compliance, Ethics & FraudRecommendedOIG
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedCMS
Infection ControlRecommendedOSHA + state boards
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Phishing & Risk AnalysisRecommendedHIPAA Security
Cultural CompetencyRecommendedHRSA / State
TB PreventionRecommendedOSHA
Telehealth PrivacyRecommendedHIPAA
AI SafetyRecommendedEmerging Standards

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required for applicable license types (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies to licensed providers. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for this practice type.

Start free trial

Dental Offices - 15 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA (high exposure)
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA (chemicals, mercury, disinfectants)
Infection ControlRequiredState dental boards + OSHA
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedDental board
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
TB PreventionRecommendedOSHA (aerosol-generating procedures)
Cultural CompetencyRecommendedState (CA, NY, NJ)
CMS FWARecommendedCMS (if billing Medicaid)
Emergency PreparednessRecommendedState dental board

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies to licensed dental professionals. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for dental offices.

Start free trial

Urgent Care Centers - 17 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA
Infection ControlRequiredOSHA, AAAHC (if accredited)
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
CMS FWARecommendedCMS (if billing Medicare/Medicaid)
Compliance, Ethics & FraudRecommendedOIG
Documentation & Medical RecordsRecommendedCMS
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Emergency PreparednessRecommendedAAAHC (if accredited)
TB PreventionRecommendedOSHA
Workplace Violence PreventionRecommendedOSHA
Telehealth PrivacyRecommendedHIPAA

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for urgent care centers.

Start free trial

Home Health Agencies - 19 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA
CMS FWARequiredCMS CoP
Compliance, Ethics & FraudRequiredOIG
Mandatory Reporting (coming soon)RequiredState Law
Infection ControlRequiredCMS CoP
Emergency PreparednessRequiredCMS CoP
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedCMS CoP
TB PreventionRecommendedOSHA
Cultural CompetencyRecommendedHRSA / State
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Telehealth PrivacyRecommendedHIPAA
Age-Appropriate CareRecommendedCMS
Advanced Healthcare DirectivesRecommendedFederal

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for home health agencies.

Start free trial

Behavioral Health & SUD Treatment - 18 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
42 CFR Part 2RequiredSAMHSA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
Compliance, Ethics & FraudRequiredOIG
CMS FWARequiredCMS (if billing Medicare/Medicaid)
Mandatory Reporting (coming soon)RequiredState Law
Workplace Violence PreventionRequiredOSHA / CARF
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedCARF / Joint Commission
Cultural CompetencyRecommendedCARF
Emergency PreparednessRecommendedCARF
Infection ControlRecommendedOSHA
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Advanced Healthcare DirectivesRecommendedFederal
Telehealth PrivacyRecommendedHIPAA

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for behavioral health facilities.

Start free trial

Chiropractic Offices - 12 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedChiropractic board
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
CMS FWARecommendedCMS (if billing Medicare/Medicaid)
Infection ControlRecommendedState boards + OSHA
Cultural CompetencyRecommendedState (CA, NY, NJ)

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for chiropractic offices.

Start free trial

Physical Therapy & Rehab Clinics - 14 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedCMS / State PT board
CMS FWARecommendedCMS (if billing Medicare/Medicaid)
Compliance, Ethics & FraudRecommendedOIG
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Infection ControlRecommendedOSHA + state boards
Cultural CompetencyRecommendedState (CA, NY, NJ)
Telehealth PrivacyRecommendedHIPAA

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for PT/rehab clinics.

Start free trial

Ambulatory Surgery Centers - 13 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA
Infection ControlRequiredCMS CoP / AAAHC
Emergency PreparednessRequiredCMS CoP
CMS FWARequiredCMS (if billing Medicare/Medicaid)
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Documentation & Medical RecordsRecommendedCMS
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for ASCs.

Start free trial

Pharmacies - 11 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
OSHA HazComRequiredOSHA
OSHA General SafetyRequiredOSHA
CMS FWARequiredCMS Medicare Part D
Compliance, Ethics & FraudRequiredDEA + OIG
Sexual Harassment PreventionRequiredTitle VII
Bloodborne PathogensRecommendedOSHA (if offering immunizations)
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Documentation & Medical RecordsRecommendedPharmacy board

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for pharmacies.

Start free trial

Mental Health Private Practices - 14 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
42 CFR Part 2RequiredSAMHSA (if treating SUD)
Documentation & Medical RecordsRecommendedState licensing boards
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
Phishing & Risk AnalysisRecommendedHIPAA Security
Telehealth PrivacyRecommendedHIPAA
Cultural CompetencyRecommendedState (CA, NY, NJ)
CMS FWARecommendedCMS (if billing Medicare/Medicaid)
Compliance, Ethics & FraudRecommendedOIG
Advanced Healthcare DirectivesRecommendedFederal

Note: OSHA clinical safety courses (Bloodborne Pathogens, HazCom, General Safety) are not listed because office-based mental health practices typically have no bloodborne pathogen or chemical exposure risk.

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for mental health practices.

Start free trial

Community Health Centers (FQHCs) - 15 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Bloodborne PathogensRequiredOSHA
OSHA General SafetyRequiredOSHA
OSHA HazComRequiredOSHA
CMS FWARequiredCMS / Federal
Compliance, Ethics & FraudRequiredOIG
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
Cultural CompetencyRequiredHRSA
Infection ControlRecommendedOSHA
Emergency PreparednessRecommendedHRSA
Business Associate AwarenessRecommendedHIPAA
Cybersecurity AwarenessRecommendedHIPAA Security
TB PreventionRecommendedOSHA

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for FQHCs.

Start free trial

Telehealth Providers - 12 courses applicable
Course Status Authority
HIPAA Privacy RuleRequiredHIPAA
HIPAA Security RuleRequiredHIPAA
Telehealth Privacy & ComplianceRequiredHIPAA + State
Cybersecurity AwarenessRequiredHIPAA Security
Phishing & Risk AnalysisRequiredHIPAA Security
Business Associate AwarenessRequiredHIPAA
Mandatory Reporting (coming soon)RequiredState Law
Sexual Harassment PreventionRequiredTitle VII
CMS FWARecommendedCMS (if billing Medicare/Medicaid)
Compliance, Ethics & FraudRecommendedOIG
Documentation & Medical RecordsRecommendedCMS
AI SafetyRecommendedEmerging Standards

If you operate in California: California CMIA + SB 1299 is also required. If you operate in Texas: Texas HB 300 is also required. If you operate in Florida: Florida HIV/AIDS is also required (EZBunny's course coming soon). If you operate in New York: New York State Compliance applies. If you operate in Illinois: IL Sexual Harassment Prevention addendum applies.

EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here.

Note: Proposed changes to the HIPAA Security Rule (expected 2026) may expand Security Rule requirements for telehealth providers.

Start free trial

Regulatory Disclaimer

Training requirements vary by organization type, size, state, payer mix, and accreditation. This guide reflects common federal and state requirements as of March 2026 and is not legal advice. Consult your compliance officer or legal counsel for requirements specific to your organization. EZBunny provides state privacy-law training for California, Texas, and New York. Our state-specific safety and harassment courses are awareness training and may not, on their own, satisfy your state's specific mandate. Other states may have requirements not covered here. Last reviewed: May 2026.