Training

Workforce members of the School of Medicine and other Health Care Component Parts of the University are required to complete HIPAA 101, an online module that covers the HIPAA Privacy, Security, and Breach Notification Rule.

A brief overview of the HIPAA Regulation and University Policy is also offered during the School of Medicine New Employee Orientation.  This overview is not a substitute for completing the HIPAA 101 module.   

Additional classroom and online training are also available.  Our online training options include:

HIPAA 101

  • Course Description: This course serves as the initial HIPAA training for Washington University workforce members covering the Privacy Rule, Security Rule, Breach Notification Rule, expectations of workforce members, University HIPAA Policies, and the University Sanction Policy for Non-Compliance. The course will take approximately 25 minutes to complete.
  • Intended Audience: All workforce members of the School of Medicine and other Health Care Component Parts of the University and anyone who desires education and awareness of the HIPAA Regulation and University Policies.  
  • Required Training: Training must be completed within 10 days of hire or prior to the workforce member’s access to PHI (whichever comes first.)

HIPAA Appropriate Use of Clinical Systems

  • Course Description: This course provides an overview of the appropriate use/access to our clinical systems. This course will take approximately 10 minutes to complete.
  • Intended Audience: Any staff member who has access to our clinical systems.
  • Optional Training:  This training is optional unless required by your department. 

HIPAA Business Associates

  • Course Description: This course provides an overview of the HIPAA regulation for Business Associates and Business Associate Agreements, and how they relate to purchasing suppliers or vendors for services performed on behalf of Washington University. It also explains the requirements for a Business Associate Agreement and our process for ensuring we have a Business Associate Agreement in place before allowing supplier/vendor access to our protected health information. This course will take approximately 16 minutes to complete.
  • Intended Audience: All workforce members of the School of Medicine and other Health Care Component Parts of the University involved in the request of suppliers/vendors for services performed on behalf of Washington University.
  • Optional Training: This training is optional unless required by your department. 

HIPAA Training for Research Monitors

  • Course Description: This course provides an overview of the HIPAA Regulation and how it relates to research activities, the requirements for documenting and reporting incidents involving PHI, and the important role encryption plays in data security. This course will take approximately 10 minutes to complete.
  • Intended Audience: External Research Monitors who require access to our clinical systems.
  • Mandatory Training: This training must be completed prior to access to our clinical systems.

We can also create customized, in-person, HIPAA Refresher courses for departments to fit their specific needs. To request a Refresher course, please email hipaa@wustl.edu.