hipaa-employee-training

Installation
SKILL.md

HIPAA Employee Training — 45 CFR §164.530(b) and §164.308(a)(5)

Overview

The HIPAA Privacy Rule at 45 CFR §164.530(b)(1) requires covered entities to train all members of the workforce on the policies and procedures with respect to PHI as necessary and appropriate for the members of the workforce to carry out their functions. The Security Rule at 45 CFR §164.308(a)(5)(i) requires implementation of a security awareness and training program for all members of the workforce including management. Workforce includes employees, volunteers, trainees, and persons whose conduct is under the direct control of the entity whether or not paid by the entity (45 CFR §160.103).

Regulatory Framework

Privacy Rule Training — §164.530(b)

  • §164.530(b)(1): A covered entity must train all members of its workforce on policies and procedures with respect to PHI as necessary and appropriate for the workforce members to carry out their functions within the covered entity
  • §164.530(b)(2)(i): Training must be provided to each new member of the workforce within a reasonable period of time after joining
  • §164.530(b)(2)(ii): Training must be provided to each member of the workforce whose functions are affected by a material change in policies or procedures within a reasonable period of time after the change

Security Rule Training — §164.308(a)(5)

Installs
10
GitHub Stars
187
First Seen
May 26, 2026
hipaa-employee-training — mukul975/privacy-data-protection-skills