• NSU Home
• NSU HIPAA Privacy Department
• Training

The Health Insurance Portability & Accountability Act (HIPAA) requires that the university train all NSU Health Care Component Workforce Members about the university’s HIPAA Policies and those specific HIPAA required procedures that may affect the work you do for the university. This is accomplished by having the Workforce Member read and sign the form entitled, “HIPAA Confidentiality and Need to Know Agreement,” and complete the HIPAA Privacy, Security and Research Orientation Course within 30 days of hire. All NSU Health Care Component Workforce Members will also be required to attend annually a HIPAA Privacy, Security and Research Refresher Training. Furthermore, the NSU Privacy Officer may require certain NSU Workforce Members to complete additional HIPAA privacy training to address non-compliance and/or minimize the risk of future non-compliance.

Definition of Workforce Member

For purposes of the NSU Privacy Policies, a Workforce Member includes health care providers, employees, trainees, and other persons whose conduct, in the performance of work for NSU is under the direct control of NSU, whether or not they are paid by NSU or a Health Care Component. 45 C.F.R. § 160.103. It does not include Business Associates or their employees and agents. See 45 CFR 160.103.

Objectives of the HIPAA Privacy, Security and Research Orientation Course

The objectives for the HIPAA Privacy, Security and Research Orientation Course for all NSU Health Care Component Workforce Members are to provide a basic overview of HIPAA including but not limited to:

• The workforce member’s role in maintaining the privacy and security of Protected Health Information (PHI);  
• What information must be protected under state and federal privacy laws;
• Patient rights regarding access to and use of their health information; and
• The workforce member’s responsibility for reporting incidents and consequences for non-compliance.