UW Medicine Compliance

HIPAA Training FAQ

General Information on HIPAA Privacy and Information Security Training

Who must be educated on UW Medicine Privacy policies and Information Security policies?
Who is considered a UW Medicine “workforce member”?
What entities are considered “UW Medicine”?
Is the UW School of Medicine subject to the UW Medicine Privacy policies and Information Security policies?
Where can I find the UW Medicine Privacy policies and Information Security policies?

Training for Newly Hired Workforce Members

What must a person do to be compliant with policy?
Where can I find the forms that a workforce member needs to sign?
How does a person sign up for online privacy training?
What’s a “curriculum track” and where can I find this information?
When does a UW Medicine workforce member complete online privacy training?

Training for Residents and Clinical Fellows

What are the requirements for residents and clinical fellows who match through/with UW Medicine graduate medical education programs?
What are the requirements for visiting residents and clinical fellows from Madigan, Swedish, Virginia Mason, or the VA?
What are the requirements for visiting residents and clinical fellows from other non-UW Medicine institutions?

Training for New Workforce Members Working Elsewhere

I hired a new staff member but they’ll be working only at the VA. How do they comply with UW Medicine policy?
I hired a new staff member and they’ll be working at UW and at HMC, or another UW Medicine entity. How do they comply with UW Medicine policy?

Training for a New Workforce Member with Prior Training

I hired a new staff member who will carry out their employment obligations at UW. They can show evidence of completing privacy training at another institution. How do they comply with UW Medicine policy? Can they get “credit” for privacy training taken at another institution?
What information does a UW Medicine Compliance office need in order to give a new workforce member “credit” for privacy training taken at another UW entity?

Enforcement of Privacy and Information Security Training Requirements

How does UW Medicine enforce the privacy and information security training requirement?
What types of sanctions are available to department leadership to encourage compliance with privacy and information security training policy?
Who initiates sanctions for non-compliance with the privacy and information security training policy?
Despite several reminders, a workforce member has not completed the required training. What steps can be taken?