Drexel University Clinical Covered Entities
Privacy Program Policies and Procedures
Policy Title: Training Requirements
Policy Number: IM-08
Effective Date: April 14, 2003; September 23, 2013
Last Revision: September 1, 2017
Responsible Officer: Vice President, Chief Compliance, Privacy and Internal Audit Officer
Table of Contents
This policy applies to all Covered Entities within Drexel University.
Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.
Drexel University (DU) requires Privacy Program training for all employees, faculty, staff and students to enable an understanding of and compliance with the requirements of the HIPAA regulations.
Each Affected Member as defined in the HIPAA Compliance Plan will be trained in general Privacy Program information and special topics as required by the assigned access category related to the position held.
This Policy provides the requirement for the training of all employees, faculty and staff to ensure compliance with the Privacy Program and HIPAA regulatory requirements.
- All employees, faculty and staff will attend required training programs.
- Attendance records will be maintained electronically for web-based training and manually for classroom education.
- The department and the Privacy Officer will maintain training records.
- New internal DU Business Associates will receive Business Associate training within a reasonable time after beginning to provide Business Associate services for a covered entity.
Back to Top