I am a program director of a college-based x-ray technology program. Our graduates work in hospitals and other health care agencies. What should we, as educators, be teaching them about their responsibilities under HIPAA? Are there any resources that specifically address the health care worker's role?
As educators, there are various things that you can be teaching your students. The most prominent is that HIPAA is not about IT or techie stuff; it's about culture and mindset that ends up being everyone's responsibility. It's every health care worker's responsibility to ensure that private health information stays that way. Check out and refer your students to my SearchSecurity.com column "Instilling a HIPAA mindset."
Also, check out my column "HIPAA compliance doesn't come in a box" for insight into why health care workers shouldn't believe vendors when they tell them that their organization will be HIPAA compliant if they use their systems/products.
One other critical bit of awareness that you can share with them is that their organizations must offer HIPAA training and awareness programs in an ongoing basis. If they are not, they need to be asking why, so that the proper programs can be put in place and no one gets in trouble.
For more information on this topic, visit these other SearchSecurity.com resources:
This was first published in April 2003