Skip to main content
NITA AccreditedIntermediatePhysical + Virtual5 daysTOHP412

Training on Healthcare Privacy & Records Security (CHPS Basics)

Learn healthcare privacy and records security basics to protect patient data, ensure compliance, and strengthen cybersecurity in healthcare systems.

Next intake

20 Jul 2026 · Nakuru

View all dates

Duration

5 days

Live instruction

Delivery

Physical + Virtual

Cohort based

Level

Intermediate

Working professionals

Certification

NITA reimbursable

For Kenyan cohorts

Language

English

All materials

Overview

About this programme

This course provides foundational knowledge and practical frameworks for protecting patient information and securing healthcare records in compliance with privacy regulations and ethical standards. Participants gain a clear understanding of healthcare data governance, confidentiality principles, access controls, risk management, and cybersecurity practices within clinical and administrative environments.

The course strengthens institutional trust, ensures regulatory compliance, and enhances the protection of sensitive health information across physical and digital records systems.

Duration 

5 Days

Who Should Attend

  • Health Records and Information Officers

  • Hospital Administrators and Managers

  • Compliance and Risk Officers

  • ICT and Health Systems Teams

  • Data Protection Officers

  • Clinical and Administrative Staff handling patient records

Learning outcomes

What you'll walk away with

By the end of the course, participants will be able to:

  • Understand healthcare privacy principles and regulatory frameworks

  • Identify risks related to patient data handling

  • Implement records security best practices

  • Apply access control and data protection measures

  • Strengthen incident response and breach management procedures

  • Promote a culture of confidentiality and ethical information handling

Course modules

What we cover, module by module

Module 1: Foundations of Healthcare Privacy

  • Patient confidentiality principles
  • Regulatory frameworks and compliance obligations
  • Ethical responsibilities in healthcare data handling
  • Case Study: Breach of patient confidentiality due to weak controls
  • Practical: Identifying privacy vulnerabilities in a healthcare setting

Module 2: Healthcare Records Management & Security

  • Lifecycle of patient records
  • Secure storage (physical and digital)
  • Retention and disposal policies
  • Case Study: Unauthorized access to archived medical files
  • Practical: Designing a secure records handling checklist

Module 3: Access Controls & Data Protection

  • Role-based access controls
  • Encryption and secure authentication
  • Monitoring and audit trails
  • Case Study: System misuse by internal staff
  • Practical: Mapping access roles within a healthcare facility

Module 4: Cybersecurity Risks in Healthcare

  • Common healthcare cyber threats
  • Phishing, ransomware, and insider threats
  • Risk assessment and mitigation strategies
  • Case Study: Ransomware attack affecting hospital operations
  • Practical: Conducting a healthcare data risk assessment

Module 5: Incident Response & Breach Management

  • Detecting and reporting data breaches
  • Regulatory notification requirements
  • Post-incident review and corrective action
  • Case Study: Delayed breach reporting consequences
  • Practical: Developing a healthcare data breach response plan
Impact

Where the change lands

Personal Impact

  • Strong understanding of healthcare privacy regulations

  • Improved ability to secure patient records

  • Enhanced awareness of cybersecurity risks

  • Greater confidence in handling sensitive information

Organizational Impact

  • Reduced risk of data breaches and regulatory penalties

  • Strengthened compliance and audit readiness

  • Improved patient trust and institutional credibility

  • Enhanced information governance and data protection culture

Dates and locations

Upcoming intakes

Every intake is limited to a small cohort. Booking closes when a date fills or three weeks before the start, whichever comes first.

Full calendar
FAQs

Common questions.

Still not sure? Send us a note and a facilitator will get back to you within a business day.

Yes. It is designed for both clinical and administrative professionals handling patient records.

Course finder

Find the right course for you

Prefer to talk it through? Send us an enquiry and a facilitator will scope a fit within a business day.

For corporate teams

Training 10+ professionals?

We deliver Training on Healthcare Privacy & Records Security (CHPS Basics) in-house at your offices, at a venue we arrange, or fully virtual. Customise the curriculum against your KPIs, and get a bespoke price for the cohort size you need.