Core Learning Objective clipboard check icon

List Requirements for Protecting Health Information

Sample Training Plans

Self-paced online training (e.g., curated reading list, videos, or eLearning course) is suggested. Inclusion of a post-test is strongly recommended.

Content describing non-CDC tools on this site is provided for informational purposes only and is not intended to indicate endorsement, actual or implied, of the tools. Additionally, information on this site is provided “as is,” for users to evaluate and make their own determination as to their effectiveness.

Topic areas and training resources

  • Overview of health information privacy/security
    • Why it is important to protect health information
    • Potential consequences if data are not protected

Training catalog

Making Contact: A Training for COVID-19 Contact Tracers: The Basics of Contact Tracing – Lesson 2

Topic areas: Health information privacy and confidentiality

  • Register: https://www.train.org/main/course/1091302/compilationexternal icon
  • Target audience: Contact tracers
  • Description: The goal of lesson 2 (The Basics of Contact Tracing) is to provide an overview of the principles that will guide your work as a contact tracer. You will have the opportunity to learn basic definitions of contact tracing, gain an understanding of the steps involved, and become aware of the importance of confidentiality. Please note, lessons must be completed in order from one to four .

Learning objectives:

  1. Define PUI, contact, and contact tracing
  2. Describe the objectives of contact tracing
  3. List four fundamentals of contact tracing
  4. Describe the importance of privacy protections
  5. Identify the four main steps involved in the contact tracing process

IDPH Office of Health Protection Data Security & Confidentiality Guideline Training

Topic areas: Health information privacy/security, health information data security

  • Register: https://www.train.org/main/course/1058826/external icon
  • Target audience: Local public health staff who have access to confidential information
  • Description: The purpose of this training is to provide an overview of the Data Security and Confidentiality Guidelines developed by the Illinois Department of Public Health Office of Health Protection and review the federal and state statutes, rules, and regulations that address the legal protection of confidential health information. This course also outlines the standards and requirements for state and local health department staff as well as community based organizations in the collection, transmission, storage, and maintenance of confidential information.

Learning objectives:

  1. Provide an overview of the Data Security and Confidentiality Guidelines
  2. Review federal and state statutes, rules, and regulations regarding health information
  3. Outline the standards and requirements for state and local health department staff as well as community-based organizations in the collection, transmission, storage, and maintenance of confidential information
  4. Understand your role in keeping data secure in terms of: data collection, data sharing and release, and physical security

HIPAA Awareness – Module 1

Topic areas: Health information privacy and confidentiality

  • Register: https://www.train.org/main/course/1047429/external icon
  • Target audience: Public health and healthcare professionals
  • Description: This 20-minute HIPAA Awareness Training was developed by the Kansas Department of Health and Environment and is provided for the convenience of Kansas public health and healthcare agencies. We recommend this course for new employees, employees who have not had HIPAA training in the past or as a refresher course.

Learning objectives:

  1. Explain the source of HIPAA
  2. Identify two HIPAA rules
  3. Indicate two on-site HIPAA information sources
  4. Identify two violation consequences

ADH HIPAA Privacy and Security Training

Topic areas: Health information privacy and confidentiality

  • Register: https://www.train.org/main/course/1009552/external icon
  • Target audience: General Public Health Staff
  • Description: This training is designed to help educate Arkansas Department of Health (ADH) staff concerning HIPAA legislation, the proper use and disclosure of protected health information (PHI), the proper safeguards for confidential information including electronic protected health information (ePHI) or other confidential information), and highlights from ADH HIPAA Policies and Procedures. It is not intended to replace ADH Policies.

Learning objectives:

  1. Describe HIPAA
  2. Discuss the proper use and disclosure of protected health information
  3. Identify safeguards for confidential information including electronic protected health information
  4. Explain ADH HIPAA Policies and Procedures

Health Information Privacy and Confidentiality

Topic areas: Health information privacy and confidentiality

  • Register: https://www.train.org/main/course/1065718/external icon
  • Target audience: Allied health professionals, nurses, general public health staff, information systems professionals
  • Description: Medical records are subject to privacy and confidentiality. This webinar will explore existing regulations and Health Insurance Portability and Accountability Act (HIPAA) as it relates to patient information. As we embark on the age of highly efficient technological capabilities, the ability to protect medical records has many challenges. Building public trust brings awareness to how privacy and confidentiality are properly handled through the course of research or student projects. We will discuss general aspects centered on the sensitive subject of cyberspace and medical record security. Recommendations based on the laws that govern privacy, along with research findings, will be shared.

Learning objectives:

  1. Explain patient privacy and confidentiality as it relates to HIPAA
  2. Discuss who has rights to patient records
  3. Assess advantages and disadvantages of electronic records
  4. Discuss American Public University System (APUS) and HIPAA

COVID-19: Data Sharing for Public Health Surveillance, Investigation and Intervention

Topic areas: Health information privacy and confidentiality, ethics of data collection during an outbreak

  • Register: https://www.train.org/main/course/1090857/external icon
  • Target audience: Public health professionals
  • Description: Public health’s COVID-19 surveillance, investigation and intervention balances an individual’s right to privacy against the public’s and other’s right to know. Amid the COVID-19 outbreak, questions about data sharing under a national emergency have surfaced. Is HIPAA still fully in effect during this public health emergency? How does HIPAA apply to public health departments? What COVID-19 information may public health share with the media, emergency responders, law enforcement and others? This webinar will identify various federal and state laws, including HIPAA, that impact public health’s ability to share COVID-19 information.

Learning objectives:

  1. Review current data sharing questions facing your peers
  2. Understand HIPAA’s data sharing limitations and opportunities
  3. Provide an awareness of other federal and state law considerations

Information Privacy & Security (IPS)

Topic area: Health information data security

  • Register: https://about.citiprogram.org/en/series/information-privacy-and-security-ips/external icon
  • Target audience: Teachers, educators, IRB administrators, administrators, IRB members, individuals working with identifiable health data (HIPAA-defined “PHI”), researchers, instructors, students
  • Description: IPS covers the principles of data protection, focusing on the healthcare-related privacy and information security requirements of the Health Insurance Portability and Accountability Act (HIPAA) and the educational records and data-related requirements of the Family Educational Rights and Privacy Act (FERPA).

Data Management in Disasters & Public Health Emergencies Recording

Topic area: Ethics of data collection during an outbreak

  • Register: https://www.train.org/main/course/1080061/external icon
  • Target audience: Researchers, analysts, public health professionals, information systems professionals
  • Description: Nicole Strayhorn, National Library of Medicine Associate Fellow, discussed the results of her project to identify open data sources and data sharing policies used during disasters and public health emergencies. For the purposes of this short-term project, she narrowed her research to the data needs of stakeholders, and the challenges of sharing and accessing data around the ongoing Zika virus outbreak.
Additional Contact Tracing Training