While being HIPAA certified isn’t a thing, being HIPAA compliant is. And the reality is that HIPAA compliance is not a one-time, static event. Rather, it is an ongoing process that involves frequent monitoring, staff training and comprehensive documentation. So if your organization is ever subject to a HIPAA audit, the auditors won’t care about the fancy logo on your website, but they will care if you’ve completed a risk analysis, executed business associate agreements, developed the necessary policies and procedures and trained your staff to follow them.
Some organizations attempt to market their applications or training with the phrase “HIPAA certified”. Or, they may offer an impressive looking logo you can post on your website. Unfortunately, there’s no such thing. The Office for Civil Rights (OCR) does not endorse any organizations’ products or training materials. In fact, OCR offers its own free training materials and document templates on its website.