5 Reasons Universities Should Take HIPAA Training Seriously

Universities that aim to train the leaders of tomorrow´s healthcare industry must do everything in their power to prepare their students for the many challenges that they will face during their educational and professional lives.

Healthcare students are facing ever-greater data security challenges today due to the increased activity of professional hackers and cybercriminals and the need to be aware of all their obligations under the Health Insurance Portability and Accountability Act (HIPAA) when handling protected health information (PHI).

All universities providing healthcare-related courses should also be providing in-depth and up-to-date HIPAA training for their students as well as security awareness training. There are many good reasons for this and here we provide five of the most important reasons for you to consider.

1. University HIPAA Training for Healthcare Students is Seen as Inadequate by Healthcare Leaders

A survey of 7,000 healthcare professionals conducted by ComplianceJunction in 2020 revealed that there is a general perception that HIPAA training currently being provided to students at universities is not up to the required standard for the needs of today’s modern healthcare environment. In many cases, the training provided at universities consists of a few PowerPoint slides that are not up-to-date or fit for purpose.

Static HIPAA training content may have been acceptable during the era before the proliferation of social media platforms and the rise of massive data privacy breaches, but this approach is now outdated and insufficient. One respondent to the survey provided feedback that said:

“I think our biggest challenge is related to the education of the staff. I don’t think that health science programs do a very good job of educating the future healthcare workers on proper, defensible, documentation or on privacy and security. I think everyone who works in healthcare should understand the basics of each of those topics.”

2.  HIPAA Breach Rates are Increasing Significantly

Some 28,756,445 individuals were impacted by HIPAA breaches during 2020. The HHS’ Office for Civil Rights (OCR) was notified of 616 separate data breaches where 500 or more individuals were affected. This spike in data breaches can be clearly seen in the chart below.

Cybercriminals noticeably increased their activity as the majority of organizations shifted to working remotely due to the COVID-19 pandemic as lockdowns were imposed around the world. As this move was introduced so quickly, security vulnerabilities were introduced that were rapidly exploited by hackers. Many of those vulnerabilities have still not been fully mitigated. Vulnerabilities also apply to humans. Without appropriate security awareness training, healthcare students will be unaware of the risks and how to identify potential threats.

3. Healthcare Students Need to Understand HIPAA

From the beginning of their college education, healthcare students are placed in real-life hospital environments where they must be fully aware of their legal obligations with respect to healthcare data and patient privacy. Healthcare students need to be provided with practical advice about their obligations as per HIPAA legislation prior to being permitted to interact with patients and access patient records.

Conducting HIPAA and cybersecurity training as early as possible will not only better prepare students for work placements, it will also give them a competitive edge when it comes to seeking employment following the completion of their formal education. Additionally, graduates from universities that provide a top-quality HIPAA training regime will be much sought after due to the lower likelihood of them accidentally violating HIPAA.

4. Universities Can Suffer Reputational Damage if their Students Cause a HIPAA Breach

Universities must do everything possible to protect the reputation of their institution from being damaged as a result of a HIPAA breach committed by their students when they take on work placement programs. Should a data breach occur, it may prove difficult to repair the public reputation of the university.

Breaches are widely reported in the media and quickly become linked to the university where the student responsible is being educated. It can take a lot of work to rebuild the hard-earned reputation of a university after a HIPAA breach. In recent years there have been HIPAA breaches recorded at many universities and teaching hospitals, including:

  • A 2020 data privacy breach at the University of Minnesota where several email accounts were accessed by cybercriminals.
  • Two HIPAA breaches in 2018 at Purdue University involving unauthorized remote access to a device and a separate malware attack.
  • The University of South Carolina discovered multiple incidents where patient records were being accessed without authorization. Several employees were fired for snooping on patient medical records.

Making sure that your students are provided with access to a high-quality HIPAA training program is an effective way of avoiding these damaging privacy breaches.

5. Data Privacy Legislation Requirements Around the World are Increasing

A 2020 report produced by Gartner estimated that there is data privacy legislation for roughly 65% of the global population at present. As universities are educating the leaders of tomorrow, they need to recognize this and meet the challenge of providing their students with the training that they need to be able to comply with global privacy laws. In 2021, data privacy is part of everyone’s personal and professional lives so it is only common sense the future leaders of the healthcare industry are given the best possible HIPAA training.

The addition of a HIPAA training program to the curriculum of a healthcare student will give them the edge that they need for joining the workforce in any location.


If you are looking to give your student population the best education possible, and ensure that they are conscious of everything they must do to avoid violating HIPAA, then it is vital that they are provided with an in-depth and up to date HIPAA training course as part of their university education.

If you would like to preview the HIPAA training for students program offered by ComplianceJunction please complete the form below.