The Privacy and Security Rules require formal education and training of the workforce to ensure ongoing accountability for privacy and security of PHI. A covered entity must train all members of its workforce on the policies and procedures with respect to PHI. This training must be done yearly and must be documented by the covered entity.
If your UNC department is considered a "health care component", yearly training for employees and student employees is required. If you would like the UNC HIPAA trainer to provide training to your staff, contact our office.
If you currently have a designated HIPAA trainer in your office and you wish to complete the Self Audit, you may do so. This must be completed and submitted to our office yearly for review. In addition, all employees are required to sign a Confidentiality Statement each year.