The Health Insurance Portability & Accountability Act (HIPAA) requires that the university train all NSU Health Care Component Workforce Members about the university’s HIPAA Policies and those specific HIPAA required procedures that may affect the work you do for the university. This is accomplished by having the Workforce Member read and sign the form entitled, “HIPAA Confidentiality and Need to Know Agreement,” and complete the HIPAA Privacy, Security and Research Orientation Course within 30 days of hire. All NSU Health Care Component Workforce Members will also be required to attend annually a HIPAA Privacy, Security and Research Refresher Training. Furthermore, the NSU Privacy Officer may require certain NSU Workforce Members to complete additional HIPAA privacy training to address non-compliance and/or minimize the risk of future non-compliance.
For purposes of the NSU Privacy Policies, a Workforce Member includes health care providers, employees, trainees, and other persons whose conduct, in the performance of work for NSU is under the direct control of NSU, whether or not they are paid by NSU or a Health Care Component. 45 C.F.R. § 160.103. It does not include Business Associates or their employees and agents. See 45 CFR 160.103.
The objectives for the HIPAA Privacy, Security and Research Orientation Course for all NSU Health Care Component Workforce Members are to provide a basic overview of HIPAA including but not limited to: