HIPAA Breaches & Healthcare Students

by | Mar 11, 2021

The value of providing healthcare students with Health Insurance Portability and Accountability Act (HIPAA) training cannot be underestimated as it can prevent serious data breaches from occurring while also increasing the employability of the individuals who successfully complete HIPAA training.

As the main factors that lead to HIPAA investigations are the unauthorized use and disclosures of Protected Health Information (PHI), it is clear comprehensive training for those who will eventually be handling sensitive data is the best possible place to start in order to reduce the likelihood of these events happening.

Why is HIPAA Training for Healthcare Students so Important?

HIPAA governs how healthcare providers, health plans, healthcare clearinghouses, and business associates can use and disclose PHI. Subsequent legislation allows the HHS` Office for Civil Rights to impose financial penalties and other sanctions in the event of a HIPAA violation occurring.

Due to the potential for substantial penalties, employers will likely place additional value on new recruits that have completed a HIPAA training course. More and more educational institutions are now including HIPAA training as part of their curriculum.

Since the HIPAA Privacy and Security Rules were enacted, there have been many large scale breaches that resulted from healthcare students not being fully aware of data security when they are working in a healthcare setting.

Breaches can occur due to a deliberate action of the individual responsible or due to unknowingly doing something that impacts the PHI of a patient. Given the stringent penalties for organizations that breach HIPAA, it is only natural to assume that employers will begin to favor applicants who can display a certified knowledge of how HIPAA impacts the way that they complete their work duties.

How can Healthcare Students be Helped to Avoid Committing a HIPAA Breach?

The provision of an in-depth HIPAA training course as part of a curriculum will put healthcare students in the best possible position to avoid violating the HIPAA Rules.

Following completion of this course, students should be fully aware of how PHI can be accessed, used, and disclosed in compliance with the HIPAA Privacy and Security Rules. They will have a competitive edge in the recruitment process over rivals who have not undergone a similar course of training and graduates of these courses will become increasingly valued and sought by employers.

You can review our sample training module HIPAA Training for Healthcare Students by clicking here or viewing the video below.

How can Healthcare Students Breach HIPAA?

There are many different ways in which healthcare students can do something that violates HIPAA. With adequate training almost all of these breaches could have been avoided.

  • Breaches involving sharing PHI without authorization: 
  • Breaches involving unauthorized access to PHI or EHRs: A report claims that students who have been trained to use EHRs are breaching HIPAA by continuing to track patients after they have finished treating them. A survey conducted by JAMA Internal Medicine as part of a research project found that 96.1% of medical students admitted that they had previously used EHRs to track former patients.
  • Breaches involving divulging credentials in response to phishing emails: A phishing attack at Augusta University lead to an unauthorized individual illegally obtaining access to the email accounts of two employees in July 2017. An investigation confirmed access to the employees’ email accounts was gained between April 20-21, 2017. This was not the first time that individuals at Augusta University were tricked by phishing scams. A similar breach took place in September 2016 and led to data being exposed.
  • Breaches involving lost or stolen computing devices: In 2017, one of the largest data breaches was reported by Washington State University. An unencrypted hard drive containing the data of more than 1 million individuals was stolen. The drive held personally identifiable information of participants in its research programs related to students and college graduates. The database on the drive was used to track students after graduation and contained data from 1998 to 2013. Data stored on the drive included names, addresses and Social Security numbers.

Conclusion: Providing Healthcare Students with Comprehensive HIPAA Training is Vital

HIPAA training for healthcare students can help to eliminate the possibility of a HIPAA breach occurring as a result of a lack of knowledge. It can also result in students having a better chance of securing full-time employment due to the data protection skills they have acquired.

It is important for those creating and conducting the student curriculum to include a comprehensive HIPAA training course as part of the education they provide to healthcare students.

You can sign up for the ComplianceJunction HIPAA Training Course for Students here.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy