CUMC HIPAA Privacy and Security Essentials Training
HIPAA Training must be completed by all new faculty, staff, and students within 30 days of the date of hire, and annually thereafter. The course content is updated annually to include current Privacy and Information Security regulations that govern Columbia in addition to information related to Columbia University policies.
Training assignment criteria:
Link to the course:
- If you completed the 2017 HIPAA Privacy and Security Essentials Training in StridePoint (the old training vendor) before November 1st, the Annual HIPAA Training 2018 was assigned to you on March 8, 2018. The Annual HIPAA training must be completed by May 31st to avoid sanctions (i.e., access to email, RASCAL, etc., will be suspended).
- If you are a New Hire, an existing workforce member who did not complete the 2017 HIPAA training in StridePoint, OR an existing workforce member who was not assigned the Annual training on March 8th, you need to complete the New Hire HIPAA Privacy and Security Essentials Training.
- If the Annual HIPAA or the New Hire Training is not assigned to you, do not click 'ADD TO PLAN'. Please contact 5-HELP for additional information.
If you experience issues using or completing the training please:
- Use the link embedded in the email notification you received directly from “firstname.lastname@example.org” to go to the course assigned to you.
- If you did not receive an email as mentioned above, go to the Enterprise Learning Management System, log in with your UNI and password, and click on “My Learning Plan”. Any training assigned to you will be listed. If the Annual HIPAA or the New Hire Training is not assigned to you, do not click 'ADD TO PLAN'. Please contact 5-HELP for additional information.
For technical assistance contact the Service Desk at extension 5-HELP (212-305-4357), option 5, or email email@example.com. Please be able to provide any specific error message(s) you may receive when using the online training.
- Make sure you are using the correct link for training. Refer to any email you received about your training to verify whether you must complete Annual or New Hire training.
- Make sure you are using your Columbia UNI account and its password to log in. This is the same login you would use for programs such as MyColumbia or Courseworks.
- If your web browser appears to stall or becomes unresponsive during training, close it completely then reopen and re-launch the course.
- If restarting your default web browser does not work, try using an alternate browser (such as Chrome) as a work around:
- Rather than using a "normal" left-click on the link to start the online training in your computer's default browser, right-click on the link and select "Open with" from the menu that appears. Select another browser from the list that appears such as Chrome.
General Training Information
The Columbia University HIPAA Covered Entity, which includes the Columbia University Medical Center, is governed by the HIPAA and HITECH regulations. As part of that governance, all members of the Covered Entity workforce must complete this training on an annual basis. Course content has been updated to include current Privacy and Information Security regulations that govern Columbia, as well as additional information from related Columbia University policies.
Security Essentials Content
Security breaches are caused by the loss or theft of computers and devices, accidental sharing of information and social engineering. It is important that we understand the full impact of a breach to the University (e.g., fines and lawsuits, public embarrassment, loss of valuable assets). This training will help:
- Define information security breaches, provide examples, explain their root cause and walk you through the steps to prevent them.
- Explain how to safely use computing devices, create strong passwords and protect information when traveling or working remotely.
- Explain how to comply with the Email Usage Policy.
- Explain common threats, such as social engineering, phishing and account compromises.
HIPAA Privacy Content
The HIPAA Privacy Rule applies to the faculty, staff, and students within the covered entity of the University. This training module will provide information related to the Federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the definition of Protected Health Information (PHI). This training will:
- Provide information about the HIPAA Privacy requirements including information about the elements of the Privacy Program.
- Review HIPAA Privacy related policies and procedures.
- Provide information about the Notice of Privacy Practices (NPP) which summarizes patient rights related to the access, use and disclosure of their information.
- Provide information about the Columbia Hybrid Entity designation.
| TOP |
Last updated 3/14/2018