Mendry    ·    Florida 501(c)(3) Nonprofit    ·    Veteran-Built & Independent

DCSP Hub · Hub 09

Role

01

of 09

HIPAA Training & Workforce Privacy Education

The discipline that keeps every workforce member trained and current

HCCA

CHPC

AHIMA

CHPS

IAPP

CIPP/US

(ISC)²

HCISPP

STATE PRIVACY BOARDS

Multi-State Training
Role
01
of 09

Annual HIPAA Compliance Trainer

An Annual HIPAA Compliance Trainer specializes in delivering the annual HIPAA training that every covered entity must provide to its workforce. The HIPAA Privacy Rule requires ongoing training to maintain workforce competency, and most practices deliver annual refresher training. The work follows predictable annual cycles. Strong annual training maintains workforce understanding; weak annual training reduces compliance training to checkbox exercise.

How This Work Happens

How This Work Happens

Annual HIPAA compliance trainer work happens in three places: as a hospital or health-system employee, as a contractor working through a practice management or services company, or as an independent business owner. This page covers all three so you can choose the path that fits your life.

Mendry supports the third path. We are a Florida 501(c)(3) membership platform full of opportunities — not an employer, not a placement agency. We list independent professionals so the practices that need them can find them. Your business. Your contracts. Your rates. Your decisions.

MEMBER ACKNOWLEDGMENT

Membership in Mendry’s DCSP Network is built on these understandings about your business.

Fifteen points. Read carefully. This is the agreement.
01

You set your own rates. Mendry does not suggest, publish, recommend, or facilitate the sharing of rate information between members.

02
You bill your own clients and collect your own payment. Mendry does not invoice, collect, hold, distribute, or process payment between you and your clients.
03
You hold and maintain current professional liability and errors-and-omissions insurance appropriate to your specialty. Mendry does not insure you, indemnify you, or provide coverage of any kind.
04
You handle your own taxes as an independent business. Mendry does not withhold, report, file, or remit taxes for you. You are responsible for federal, state, and local tax obligations including estimated quarterly payments.
05
You sign your own contracts directly with your clients. Mendry is never a party to, signatory of, or guarantor of your client agreements, and Mendry does not negotiate, review, or approve your contract terms.
06
When your work touches Protected Health Information (PHI), you execute a Business Associate Agreement (BAA) directly with each client before beginning work. Mendry is never a party to your BAAs, and Mendry’s website never touches, stores, or transmits PHI.
07
You hold and maintain all federal, state, and local business licenses, registrations, and certifications your business and work require. Mendry does not verify licenses on your behalf or vouch for your licensure status.
08
You complete the continuing education your credential requires and maintain current documentation. Mendry does not track CE on your behalf, report CE to credentialing bodies, or guarantee that your CE meets any specific requirement.
09
You carry full professional responsibility for the quality, accuracy, and timeliness of your work product. Errors, omissions, missed deadlines, and quality disputes are between you and your client. Mendry does not mediate, intervene, indemnify, or carry any liability for your work.
10
You market your own business and represent yourself accurately to clients. You do not represent yourself as employed by, certified by, endorsed by, or operating under the authority of Mendry. You may accurately state that you are a listed member of the Mendry DCSP Network.
11
Your professional relationships are with your DCP clients. You do not have a direct service relationship with veterans through Mendry, and Mendry does not refer veterans to you as patients or clients.
12
You maintain your own client records, working files, and business records on systems and tools you control. Mendry does not host, back up, store, or have access to your client files or business data.
13
Your membership in the DCSP Network is conditional on maintaining current credentials, insurance, licenses, and good standing. Mendry may suspend or terminate your directory listing if these standards lapse.
14
Your membership fee pays for your listing and the educational resources Mendry provides. It does not buy referrals, leads, work, or placement, and is not refundable based on the work you do or do not receive.
15
You are a member of an independent professional directory. You are not an employee, contractor, agent, partner, joint venturer, or representative of Mendry. Mendry does not direct, supervise, control, schedule, or assign your work.

What This Really Means

The same fifteen points — explained the way a friend would explain them.

01

You decide what to charge.

You research what other professionals in your specialty charge. You look at job boards. You ask peers. You decide what your work is worth, and you tell your clients that number. Mendry does not tell you what to charge. We do not share rate information. That keeps us out of antitrust trouble and keeps you free to price your work the way you choose.

02

You send the bill. You collect the money.

Every month, you send your client an invoice. The client pays you directly — usually by ACH bank transfer or check. Mendry does not touch the money. We never see your invoices. We never collect for you. Money flows from client to you. Period.

03

You buy your own insurance.

Professional liability insurance protects you if a client says your work cost them money. Errors and omissions insurance protects you if you make a mistake in your work product. Every working DCSP needs both. You shop for it. You pay for it. You keep it current. Mendry does not insure you, and the directory does not list you as covered by us.

04

You pay your own taxes — four times a year.

As an independent business, you pay estimated taxes every quarter — April, June, September, and January. You file a Schedule C with your tax return. Mendry does not withhold anything. We do not report your income to the IRS. You are responsible for tracking your income, your expenses, and your tax payments. A bookkeeper or CPA pays for itself.

05

You sign your own contracts.

Every client gives you a contract — sometimes called a Master Service Agreement or a Statement of Work. You read it. You sign it. If something looks off, you take it to your own attorney. Mendry does not read your contracts, does not negotiate them, and is not a party to them.

06

You sign a BAA with every client before you start.

When your work touches information about real patients — their names, dates of birth, diagnoses — that information is called PHI. Before any client lets you near their patient information, you sign a Business Associate Agreement. Every client. Every time. Mendry’s website never touches PHI — we educate you about it, that’s it.

07

You hold your own business licenses.

Some states require a business license to operate. Some cities require a local one. You research what your state and city require, and you hold whatever licenses apply. Mendry does not verify your licenses for you — the verification badge on your directory profile reflects what you upload, not what we check with the state.

08

You keep your credentials and CE current.

Your professional credential needs continuing education hours to stay active. You complete the CE. You track the hours. You report them to your credentialing body. Mendry does not report for you and does not guarantee your CE is enough — that’s between you and your credentialing body.

09

You own the quality of your work.

If you make a mistake in your work, the client may lose money. They may ask you to fix it. They may charge you for the loss. Your insurance and your reputation handle this — not Mendry. Build clean files. Communicate well. Hit your deadlines.

10

You market yourself accurately.

You can tell clients: “I am a listed member of the Mendry DCSP Network.” That is accurate. You cannot tell clients: “I work for Mendry” or “Mendry certified me.” Stick to “listed member of the directory.”

11

Your clients are DCP practices. Veterans are not your clients.

You serve the doctor’s practice or the clinic — the DCP. The veteran is the DCP’s patient, not yours. Mendry does not refer veterans to you. The chain goes: Mendry lists DCPs. DCPs hire DCSPs. DCSPs serve DCPs. You are two steps removed from the patient, which is exactly where you should be.

12

You keep your own records.

Your client files, your invoices, your work product, your tax records — all of it lives on systems you control. Mendry does not host your work. We do not back up your data. Use cloud backup. Treat your business like a real business.

13

Your directory listing is conditional, not permanent.

If your credential lapses, your listing pauses. If your insurance expires, your listing pauses. Membership is a standing — you maintain it by keeping everything current. We send you reminders before things lapse. The directory only works if every member listed is actually current.

14

Your membership fee pays for listing — not for leads.

Mendry does not promise you work. The fee you pay covers your spot in the directory and the educational resources we publish. Whether you win the work after that depends on you — your profile, your responsiveness, your rates, your references. Membership is an opportunity, not a guarantee.

15

You are a member. We are a platform. That is the whole relationship.

Mendry does not employ you. We do not contract with you. We do not represent you. We list you. You operate your business. The line between us is clean and clear — and the clean line is what protects both of us.

What This Role Involves

Annual HIPAA Compliance Trainers deliver the recurring annual training that maintains workforce HIPAA competency. They develop annual training content that addresses any regulatory updates, organizational changes, and incident-related learning from the prior year. They schedule and deliver annual training to all workforce members. They document completion for compliance audit.

Content refresh matters significantly. Annual training cannot simply repeat prior years’ content — workforce members tune out repetitive training. Effective annual training incorporates current regulatory developments, recent organizational incidents (de-identified), emerging threats, and updated policies.

Documentation is core compliance work. The Privacy Rule requires documented training. Annual trainers maintain audit-ready documentation showing every workforce member completed annual training, what content was delivered, and assessment outcomes where applicable.

The Honest Description

The Annual HIPAA Compliance Trainer role rewards predictable annual cycles combined with content refresh discipline. Members who do well in this work enjoy the recurring rhythm of annual training, take pride in well-documented compliance training programs, and find satisfaction in maintaining workforce compliance year over year.

The Core Activities

1

Develop annual training content updates

Refresh annual content to incorporate regulatory updates, organizational changes, and current threats.

2

Schedule annual training delivery
<div class="activity

3

Deliver annual training across workforce

Lead training sessions through live and virtual delivery.

4

Maintain training completion documentation

Track workforce completion. Document assessment outcomes. Maintain audit-ready training records.

5

Coordinate with Compliance Officers on annual training program

Work with Compliance and HIPAA Privacy Officers on annual training scope and content.

Where This Role Appears in the Field

In a hospital training or compliance department

Hospital annual trainers work within HR, training, or compliance departments often as part of broader training responsibilities.

In a HIPAA training services company

Companies offering annual training services to multiple client practices.

 

As an independent contractor

Mid-size practices needing annual HIPAA training without dedicated training staff hire independent specialists. Annual cycles create predictable engagement patterns.

 

Federal Payer Workflow
VA CCN, TRICARE & CHAMPVA Credentialing

VA workforce annual training follows federal training cycles. Trainers working with VA bring valuable federal annual training compliance expertise.

VA Community Care Network practices need annual HIPAA training covering federal payer requirements. Annual trainers supporting VA CCN practices bring federal payer perspective.

The two-hat reality. In a two-hat practice, this work runs on two parallel tracks at once — VA Community Care credentialing and claims under federal authority, and state medical cannabis practitioner participation under state authority. The two tracks never share a workflow, but they share a deadline: a lapse on either side stops payment and access on both. Members who can hold both tracks steady at the same time are the ones two-hat practices keep.

Your Roadmap to becoming an independent Annual HIPAA Compliance Trainer

This is the step-by-step path. Follow each step in order.

Step
01
Build HIPAA training experience

Most annual trainers come from broader HIPAA training backgrounds with annual training specialty focus.

Step
02
Develop annual content refresh expertise

Annual training requires year-over-year content refresh while maintaining regulatory completeness.

 

Step
03
Set up your business

Register an LLC. Get an EIN. Open a separate business bank account.

Step
04
Get professional liability insurance

Errors and omissions coverage.

Step
05
Sign HIPAA Business Associate Agreements

Every client signs a BAA.

Step
06
Find your first client

Mid-size practices needing annual training delivery are natural first clients. Annual cycles create predictable engagement patterns.

Step
07
List in the Mendry DCSP Network

Position yourself around annual training specifically.

Step
08
Build your book of business

Annual trainers often work with multiple clients on annual training delivery cycles plus content refresh engagements.

Education & Experience Pathways

Members exploring this role typically come into the work through one of these learning paths:

Training professional transitions
Trainers with HIPAA expertise who specialize in annual training cycles.
Compliance professional with training delivery
Compliance professionals who specialize in annual workforce training.
Military MOS adjacent paths
Military training roles with annual training cycle experience translate well — training NCOs, instructors, and similar roles.
The Skill That Distinguishes Strong Specialists

Annual HIPAA Compliance Trainers who grow fastest are the ones who build content refresh libraries — case examples, scenario updates, and content additions that they can deploy across multiple clients each year. Library-driven annual training delivers value more efficiently than building from scratch each year.

The Realities of the Work

The Annual HIPAA Compliance Trainer role follows predictable annual cycles with concentrated training delivery periods. Many practices cluster annual training in specific months.

It is remote-work compatible for virtual delivery. Compensation often flows on project-based annual engagement models.

Income — Research the Range

Mendry does not publish specific income figures because numbers vary based on credential, geographic market, employment type, specialty focus, and experience. Here are the authoritative sources to research current income data:

BLS — Training and Development Specialists

BLS occupational data.

bls.gov/ooh/business-and-financial/training-and-development-specialists.htm
HCCA Compensation Survey

HCCA compensation data.

hcca-info.org
FlexJobs & Upwork — Independent Contractor Rates

Real-time rate data.

flexjobs.com · upwork.com (search "HIPAA annual training")
Indeed & Glassdoor — Real-Time Market Data

Active market data.

indeed.com · glassdoor.com (search "HIPAA compliance trainer")

How to Know If This Role Fits You

The Annual HIPAA Compliance Trainer role is a good fit for members who like predictable annual training rhythm. Members who can refresh content year over year while maintaining engagement. Members who enjoy delivery work with clear seasonal patterns. For the right person, it offers steady annual cycle work with strong remote-work compatibility.

About this content. Mendry is a Florida 501(c)(3) nonprofit membership platform. This page is educational and does not constitute medical, legal, financial, or placement advice. HIPAA training requirements, state privacy laws, and workforce education standards vary by setting, jurisdiction, and regulatory framework. Always confirm current requirements with the relevant authority before designing or delivering training programs. Mendry does not employ, place, refer, or supervise HIPAA training professionals. All members listed in the DCSP Network operate their own independent businesses, set their own rates, sign their own contracts, and carry their own insurance. Mendry does not provide treatment, prescribe or sell cannabis, complete state forms, or collect PHI. Emergency: 911 · Veterans Crisis Line: 988 (Press 1) · Text 838255.

Your Specialty. Your Business. Your Network.

Mendry lists independent credentialing professionals so the two-hat practices that need them can find them. Your business, your rates, your clients, your decisions — we provide the visibility and the platform.

In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911. In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911. In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911.
In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911. In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911. In crisis? Call 988 and press 1, text 838255, or chat at VeteransCrisisLine.net. Emergencies: dial 911.

A Florida 501(c)(3) nonprofit supporting the two-hat clinical model for veteran care. Veteran-built, independent, and not affiliated with the U.S. Department of Veterans Affairs.

 Educational use only. No medical or legal advice. Mendry is a 501(c)(3) nonprofit, not a government agency, and not affiliated with the VA or any federal or state agency. Mendry does not provide treatment, prescribe or sell cannabis, complete state forms, or collect PHI. Healthcare decisions are yours and your licensed clinicians’ only.