PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

HIPAA Training

by Daniel J. Solove

There is a great quote in this article from HealthcareInfoSecurity: that expresses very well the importance and goals of HIPAA training programs:

Workforce training is important not only for preventing breaches, including those involving ID crimes, but also to help detect those incidents, [Ann Patterson of the Medical Identity Fraud Alliance] says. “Each employee must understand their role in protecting PHI. Equally important is regular and continued evaluation of the training programs to make sure that employees are adhering to the policies put in place, and that the ‘red flags’ detection systems are keeping pace with changing technologies and workplace practices.”

In addition to the excellent points in this quote, I believe that one of the keys in HIPAA training is to emphasize the human dimension.  Following HIPAA’s rules can seem tedious and inconvenient, but doing so helps mitigate and prevent harm to patients.  Medical ID theft is a serious and growing problem.  Employees need to know that they shouldn’t be following HIPAA for its own sake but for the sake of patients.  The most effective training makes an emotional connection — it explains not just what people should do or not do, but also why people should care.

Some useful resources:

Medical Identity Fraud Alliance

Kamala D. Harris, California Attorney General, Medical Identity Theft: Recommendations for the Age of Electronic Medical Records

Daniel J. Solove, The Health Data Breach and ID Theft Epidemic

Daniel J. Solove, HIPAA Training FAQ

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics.  

Privacy Security Forum Ad 22Professor Solove is the organizer, along with Paul Schwartz of the Privacy + Security Forum (Oct. 21-23 in Washington, DC), an event that aims to bridge the silos between privacy and security. 

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
*
 LinkedIn Influencer blog
*
 Twitter
*
 Newsletter