Mandatory HIPAA Training

To facilitate the training process, we have developed a web-based Basic HIPAA Privacy course on Blackboard. The University is requiring all Medical Center students, residents, and faculty to complete this course.

Note: If you are involved in research which requires submitting your proposal to the IRB, you will be required to complete a second HIPAA training program focusing specifically on research implications.

In 1996 the Congress approved the Health Insurance Portability and Accountability Act (HIPAA). This federal legislation governs [among other things] the privacy and security of individually identifiable health information [termed Protected Health Information or PHI in the regulations]. This legislation has clear implications for anyone working in health care and related research. The law also requires that institutions train all members of its workforce on HIPAA policies and procedures with respect to PHI. GW's HIPAA training program will provide a general overview of HIPAA regulations. It does not include institution- specific policies and procedures for GW Hospital, the MFA, or other affiliated institutions, which by law must provide their own complementary training.

HIPAA requires that 1) training be provided not later than April 14, 2003 the compliance date for the HIPAA Privacy Rule and 2) institutions document that the training has been provided. GW has had a HIPAA Task Force working for several years trying to digest all the implications of the law on policies, procedures and other operations at the University and in our relationships with the Hospital and MFA. Training had to be held until the final Privacy and Security rules were issued.

The training course is available on Blackboard for all Medical Center students. Faculty members in the School of Medicine, the School of Public Health and Health Services, and medical residents will be trained via the CME website Good Outcomes (www.goodoutcomes.com). The training course is certified for CME credit.