ABSTRACT
Protection of patient data has become a critical part of the scope of practice of all healthcare professionals. Routine data breaches underscore the importance of training clinical employees in protecting these data. However, beyond exposure to HIPAA regulations, little is done to educate the healthcare student about the risks and vulnerabilities of the online environment as it pertains to health data. Most individuals receive training upon employment, and compliance with regulations and policies is problematic. This article supports the belief that educating the student prior to entering into the profession may result in improved compliance with state and federal regulations and local policies, thus providing better protections to their patients. We propose a curriculum for both undergraduate and graduate healthcare students to prepare them for understanding and complying with institutional policies once they begin their clinical rotations or are hired as employees. This curriculum addresses the roles of information technology and health information management personnel in securing patient data, local and federal legislation, and the limitation of technical security measures. This curriculum should prepare future clinicians to use their own judgment and to better understand the role of intuitional policies in protecting patient data.
