Overview:
ยง164.530(b)
Training.
All workforce members must receive training pertaining to the Breach Notification Rule.
Action Items:
1) Obtain and review such policies and procedures. Areas to review include training each new member of the workforce within a reasonable period of time and each member whose functions are affected by a material change in policies or procedures.
2) From the population of new hires within the audit period, obtain and review a sample of documentation of necessary and appropriate training on compliance with the HIPAA Breach Notification Rule that has been provided and completed.
3) Obtain and review documentation that workforce members have been trained on material changes to policies and procedures required by the HITECH Act.
Related Documents:
1) Policies and procedures pertaining to employee training with regards to the Breach Notification Rule.
2) Documentation of necessary and appropriate training on compliance with the HIPAA Breach Notification Rule that has been provided and completed.
3) Documentation that workforce members have been trained on material changes to policies and procedures required by the HITECH Act.
Additional Guidance:
Covered entities are also required to comply with certain administrative requirements with respect to breach notification. For example, covered entities must have in place written policies and procedures regarding breach notification, must train employees on these policies and procedures, and must develop and apply appropriate sanctions against workforce members who do not comply with these policies and procedures.
Article ID: 599
Created: September 29, 2022
Last Updated: September 29, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/hipaa-privacy-training-164-530-b-599.html