ITS HIPAA Training

UC Santa Cruz's Information Technology Services HIPAA Security Rule Training Requirements

HIPAA data refers to sensitive and private healthcare information protected by the Health Insurance Portability and Accountability Act (HIPAA).

To ensure the confidentiality and security of HIPAA data, all UC Santa Cruz ITS employees involved in the creation, transmission, or storage of HIPAA data are required to complete the following HIPAA training components before they gain access to HIPAA systems or data:

Complete the Healthcare Privacy Training

  • Log in to the UC Learning Center with your CruzID and Gold password. 
  • Enter "Healthcare Privacy Training'' in the search box on the left and click "go." 
  • Click on the training, then click "Start." 
  • After you complete the course, go back to your home page (click on "Learner" or breadcrumbs at the top of the page), click on your "Transcript," select the course, and click on the "diploma" icon to print the certificate of completion.

Read HIPAA Security Rule Policies and Procedures
This is the current set of ITS-specific policies and procedures for HIPAA Security Rule compliance. It is available in Google to all ITS staff (CruzID Gold login required). Employees are to read this document and work with their supervisor or contact ispolicy@ucsc.edu to address any questions. A downloadable certificate of completion for this reading is available at the end of the document; email verification of completion is also acceptable.

Read and Sign the Access to Information Statement 

Log in to the SlugHub ticket system with your CruzID and Gold password to access the form.

Recommended Resources

UCSC Password Strength and Security Standards (referenced in the above Policies and Procedures document. 

UCSC Practices for HIPAA Security Rule Compliance. This is the complete list of UC Santa Cruz practices for compliance with each of the 42 HIPAA Security Rule requirements. 

Get Help

Please contact the IT Security Policy team at ispolicy@ucsc.edu with any questions, concerns, or requests for materials regarding HIPAA training or HIPAA Security Rule compliance.