5 Reasons Universities Should Take HIPAA Training Seriously

by | Sep 10, 2022

Universities that aim to train the leaders of tomorrow´s healthcare industry must do everything in their power to prepare their students for the many challenges that they will face during their educational and professional lives.

Healthcare students are facing ever-greater data security challenges today due to the increased activity of professional hackers and cybercriminals and the need to be aware of all their obligations under the Health Insurance Portability and Accountability Act (HIPAA) when handling protected health information (PHI).

All universities providing healthcare-related courses should also be providing in-depth and up-to-date HIPAA training for their students as well as security awareness training. There are many good reasons for this and here we provide five of the most important reasons for you to consider.

1. University HIPAA Training for Healthcare Students is Seen as Inadequate by Healthcare Leaders

A survey of 7,000 healthcare professionals conducted by ComplianceJunction in 2020 revealed that there is a general perception that HIPAA training currently being provided to students at universities is not up to the required standard for the needs of today’s modern healthcare environment. In many cases, the training provided at universities consists of a few PowerPoint slides that are not up-to-date or fit for purpose.

Static HIPAA training content may have been acceptable during the era before the proliferation of social media platforms and the rise of massive data privacy breaches, but this approach is now outdated and insufficient. One respondent to the survey provided feedback that said:

“I think our biggest challenge is related to the education of the staff. I don’t think that health science programs do a very good job of educating the future healthcare workers on proper, defensible, documentation or on privacy and security. I think everyone who works in healthcare should understand the basics of each of those topics.”

2.  HIPAA Breach Rates are Increasing Significantly

Some 28,756,445 individuals were impacted by HIPAA breaches during 2020. The HHS’ Office for Civil Rights (OCR) was notified of 616 separate data breaches where 500 or more individuals were affected. This spike in data breaches can be clearly seen in the chart below.

Cybercriminals noticeably increased their activity as the majority of organizations shifted to working remotely due to the COVID-19 pandemic as lockdowns were imposed around the world. As this move was introduced so quickly, security vulnerabilities were introduced that were rapidly exploited by hackers. Many of those vulnerabilities have still not been fully mitigated. Vulnerabilities also apply to humans. Without appropriate security awareness training, healthcare students will be unaware of the risks and how to identify potential threats.

3. Healthcare Students Need to Understand HIPAA

From the beginning of their college education, healthcare students are placed in real-life hospital environments where they must be fully aware of their legal obligations with respect to healthcare data and patient privacy. Healthcare students need to be provided with practical advice about their obligations as per HIPAA legislation prior to being permitted to interact with patients and access patient records.

Conducting HIPAA and cybersecurity training as early as possible will not only better prepare students for work placements, it will also give them a competitive edge when it comes to seeking employment following the completion of their formal education. Additionally, graduates from universities that provide a top-quality HIPAA training regime will be much sought after due to the lower likelihood of them accidentally violating HIPAA.

4. Universities Can Suffer Reputational Damage if their Students Cause a HIPAA Breach

Universities must do everything possible to protect the reputation of their institution from being damaged as a result of a HIPAA breach committed by their students when they take on work placement programs. Should a data breach occur, it may prove difficult to repair the public reputation of the university.

Breaches are widely reported in the media and quickly become linked to the university where the student responsible is being educated. It can take a lot of work to rebuild the hard-earned reputation of a university after a HIPAA breach. In recent years there have been HIPAA breaches recorded at many universities and teaching hospitals, including:

  • A 2020 data privacy breach at the University of Minnesota where several email accounts were accessed by cybercriminals.
  • Two HIPAA breaches in 2018 at Purdue University involving unauthorized remote access to a device and a separate malware attack.
  • The University of South Carolina discovered multiple incidents where patient records were being accessed without authorization. Several employees were fired for snooping on patient medical records.

Making sure that your students are provided with access to a high-quality HIPAA training program is an effective way of avoiding these damaging privacy breaches.

5. Data Privacy Legislation Requirements Around the World are Increasing

A 2020 report produced by Gartner estimated that there is data privacy legislation for roughly 65% of the global population at present. As universities are educating the leaders of tomorrow, they need to recognize this and meet the challenge of providing their students with the training that they need to be able to comply with global privacy laws. In 2021, data privacy is part of everyone’s personal and professional lives so it is only common sense the future leaders of the healthcare industry are given the best possible HIPAA training.

The addition of a HIPAA training program to the curriculum of a healthcare student will give them the edge that they need for joining the workforce in any location.


If you are looking to give your student population the best education possible, and ensure that they are conscious of everything they must do to avoid violating HIPAA, then it is vital that they are provided with an in-depth and up to date HIPAA training course as part of their university education.

If you would like to preview the HIPAA training for students program offered by ComplianceJunction please complete the form below.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy