Informs researchers on their responsibilities related to protecting confidentiality and security of patient information.
Who is required to take this training?
(1) All UW employees who work in a UW HIPAA covered entity and who have access to Protected Health Information (PHI) and (2) All UW employees or agents who conduct research and who access Protected Health Information (PHI) from any UW covered entities. Refresher training is required annually for UW employees who work in a UW HIPAA covered entity.
Summary of the requirement
Federal regulations require that a covered entity must train all members of its workforce on the policies and procedures with respect to protected health information, as necessary and appropriate for the members of the workforce to carry out their function within the covered entity.
Related policies and regulations
- Compliance Education and Outreach – COMP.002
- 45 CFR Part 164, Section 164.530(b) – “Administrative Requirements” – Training
- NIH Grants Policy Statement 18.104.22.168 Confidentiality of Alcohol and Drug Abuse Patient Records
- NIH Grants Policy Statement 22.214.171.124 Confidentiality of Patient Records: Health Insurance Portability and Accountability Act
- NIH HIPAA Privacy Rule
- The Health Information Technology for Economic and Clinical Health (HITECH) Act