HIPAA Information
Every member of the SPRC workforce must receive the appropriate level of HIPAA training.
What is HIPAA?
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. You’re probably familiar with the provisions of this act which protect health insurance coverage for workers and their families when they change or lose their jobs. HIPAA also establishes national standards for electronic health care transactions and national identifiers for providers, health plans, and employers, while protecting the confidentiality of health care data through privacy and security provisions. Visit the School of Medicine web site to learn more.
What do you have to do?
Under HIPAA regulations the School of Medicine and the two hospitals combined are considered a "covered entity". HIPAA's Privacy Rule controls the use and disclosure of what's known as Protected Health Information (PHI) and requires that all members of the covered entity's workforce be trained. The definition of workforce is anyone working for and with us, so this includes temporary and casual staff members and even those who will never have access to PHI.
There are four levels of General Training with a quiz at the end of each. Depending on the level to which you've been assigned, you can expect to spend 30 to 90 minutes to complete this training.
The web-based training system begins with an introduction and then brings you to a main menu from which you can go through the modules. Step-by-step instructions are available on this web site.
Chris Scholberg will receive training status reports from the School of Medicine HIPAA Office, to verify compliance. Two words of caution about the general training:
1) The training system allows you to choose the level of training; choose the level you have been assigned to or higher (or else the training will not count).
2) You must pass the quizzes with at least 70% correct in order to fulfill the training requirement.
In addition to the general training, there are Research and Education modules, and the Required HIPAA Privacy and Security Training. Your supervisor is responsible for informing you which modules you must complete and providing a unique ID for use in accessing the General Training. (Anyone who works in human research and has access to PHI must take the research module.)
Note: For the Research Training, enter Diana Fox as your supervisor (so she will receive the confirmation once you complete the module), and you must answer all 10 questions of the quiz correctly in order to pass.