Information Privacy and Security training ensures compliance and education for the OHSU workforce through such venues as the Compass learning management system and in-person trainings, which help promote an environment based on respect, while protecting private and confidential information.

Web-based training

All members of OHSU's workforce (employees, volunteers, students, trainees and some contractors) must complete the Information Privacy and Security Essentials course in order to receive an OHSU badge. Depending on a member's role and/or department, additional courses may be required to obtain a badge.

Information privacy and security essentials

This is required training for all OHSU Members. Topics include:

  • Information types at OHSU
  • OHSU's status as a HIPAA covered entity
  • Categories of restricted information
  • Protected health information (PHI)
  • Recognizing PHI
  • Deciding whether Intelligent Hub is right for you
  • Storage of restricted information: Encryption
  • Disposal of restricted information: paper, CDs/DVDs, electronic drives, medication
  • Protecting information in transit: email, fax, mail, and physical transport
  • Common privacy and security risks: using Wi-Fi, photography on campus, social media
  • Strategies for protecting PHI
  • Password management basics
  • Phishing defense
  • Malware awareness
  • Business associate agreements in health care
  • Cloud computing rules at OHSU
  • Examples of common information privacy and security incidents
  • Reporting data privacy and security incidents
  • Managers' responsibilities for overseeing employees' use and disclosure of PHI (Managers' course)
  • Managers' responsibilities regarding security reviews and exceptions (Managers' course)

For more information, visit Compass Learning & Performance O2 site

Questions on Compass?  Contact or call 503-494-5902