Home Contacts Site Map
HIPAA Training
Up UB HIPAA overview UB declarations Researchers Faculty-Students Business Associates HIPAA Training

Common HIPAA definitions

HIPAA Training

This page will list various HIPAA training options available to the University at Buffalo community.

General orientation to HIPAA

bulletDownload the presentation for Students visiting clinical training sites and UB personnel involved in research (.pdf 534KB 8/10/2012).  This presentation meets UB's obligation to provide students with a general orientation to HIPAA prior to their visiting clinical training sites, and addresses HIPAA's impact on research in a manner specific to UB researchers.  Academic programs must retain documentation of this training for students to demonstrate it was administered as required in Student Training Clinical Affiliation Agreements between UB and clinical training sites. 
bulletStudents: The key training points for UB students visiting clinical training sites are: 1) know what Health Information, Individually Identifiable Health Information and Protected Health Information is (see definitions), 2) know what identifiers need to be removed to make PHI de-identified, 3) know that in general PHI may not be removed from a covered entity (in any format, electronic, written, oral or otherwise), including for subsequent use in coursework; removal of PHI in a manner not permitted by HIPAA will expose both the student and the covered entity to HIPAA liability and substantial penalties, 4) you must receive a general orientation to HIPAA either from material on this page or from your instructor and your academic program must document that you have received this training, 5) you must also receive a HIPAA orientation from the clinical site you are visiting if they are regulated by HIPAA; such sites are mandated by HIPAA to provide this training.
bulletResearchers: The key training points for UB researchers are: The UB research function is not governed by HIPAA no matter where the research occurs, however, the acquisition of data may be.  Use this worksheet to determine whether HIPAA related information release mechanisms are required for your research.  The UB IRBs will review protocols to ensure they comply with the requirements of the worksheet and document this as part of the protocol.  Once the data has been acquired by the UB research function (researcher) in a permitted manner, the data is no longer governed by HIPAA.  Researchers may not execute any HIPAA specific contractual documents (business associate agreements, data use agreements); see position and guidance sections on this page.
bulletNOTE: The New York State Governor's Office of Employee Relations HIPAA Training WEB site with interactive questions and certificate of completion, available prior to 2012, has been taken down and is no longer available.

Other HIPAA presentations specific to UB

bulletSeptember 22, 2006 UB Senior Management Orientation (.pdf)
bulletJanuary 24, 2006 Speech-Language Hearing Grand Rounds (.pdf)
bullet(2003) UB, HIPAA and Research (.pdf)

General HIPAA presentations (more general than UB, but containing information about UB)

bulletDecember 5, 2003 The 18 th Annual Meeting of the Applied Research Ethics National Association "Session [B3] How IRBs are Implementing HIPAA: Finding the Best Fit for Your Institution"; Washington DC

Purpose: To increase awareness of the role and functions that institutional review boards have assumed in ensuring compliance with the research-related provisions of the HIPAA Standards for Privacy of Individually Identifiable Health Information


Content:  Representatives of institutional and commercial IRBs will share the polices and procedures that they put in place to address the research-related provisions of the  HIPAA privacy standards and their experiences, to date, with this new role and responsibility


Track: Advanced


Format: Panel discussion with audience participation.


Focus:  Biomedical and Social-Behavioral


Presenters: John Falletta, Tammy Sayers, Brian Murphy


(.pdf; 1.5MB; Acrobat v5 or later)



November 4, 2003 The National Council of University Research Administrators (NCURA) Annual Meeting "Concurrent Session [I] HIPAA: Is Your Institution In Compliance?"; Washington DC

Presenters: Brian Murphy (UB); Cynthia Nappa (SUNY Upstate); Peter Pileggi (SUNY)


(.pdf; 1.4MB; Acrobat v5 or later)


This material is designed for internal University at Buffalo use only and is copyrighted.  Information and documents available on this site may be freely copied and used with appropriate attribution to the University at Buffalo.  None of the information on these pages should be construed as legal advice or expert opinion with respect to how any particular function or entity engages in work to come into compliance with HIPAA.
Last updated: July 28, 2009.  Privacy Policy
Hit Counter