IDP Training

The Ohio State University’s institutional data is important to protect. That data comes in different forms, and not all staff members deal with the same types. To understand you what kinds of data you may access and how to best protect it, we ask individuals to complete only the activity that applies to their specific role.

Ohio State offers two educational options for non-Medical Center staff. You should receive an email describing which educational activity applies to you and instructions on how to complete the task.

If you are unsure which training method below applies to your role, check your inbox for an email from IDP-Support@osu.edu, or email us for help.

If you have access to Restricted (S4) data but not protected health information

The Institutional Data Policy (IDP) training is required annually for individuals who have access to restricted data. This is necessary for anyone who requires access to certain administrative systems including Workday, PeopleSoft, Tableau, and the Operational Data Store.

In this training, you will:

  • Explain your responsibilities for accessing and handling institutional data
  • Identify the four classifications of institutional data
  • Describe how you will find what activities and services are permitted for each classification of institutional data
  • Explain what you should do if you suspect the loss, unauthorized access or exposure of institutional data

To access this training:

  1. Go to BuckeyeLearn and search for the "Institutional Data Policy 2025" course
  2. Complete the training as instructed
  3. Your transcript will show this training complete, and your manager will be notified that you have done your part for the year

If this training has been assigned to you, you can access it from your BuckeyeLearn transcript.

If you have access to protected health information (PHI)

Some areas of the university deal with personal health information (PHI). They are subject to the federal law establishing national standards to protect sensitive patient health information from being disclosed without a patient’s consent or knowledge. This law is the Health Insurance Portability and Accountability Act of 1996, or HIPAA. 

This is different from the Institutional Data Policy (IDP) training, but is equivalent to that course. You only need to take one.

To access this training:

  1. Go to BuckeyeLearn and search for the "HIPAA and Institutional Data Compliance FY25" course
  2. Complete the training as instructed
  3. Your transcript will show this training complete, and your manager will be notified that you have done your part for the year

If this training has been assigned to you, you can access it from your BuckeyeLearn transcript.

NOTE: Medical Center employees must take the HIPAA and Institutional Data Compliance training by June 30 of each year. All other others taking this training must complete it between February 1 and April 25. If you take this course and sign the agreements, you do not need to take “Institutional Data Policy” training or the “IDP awareness activity” in C4U. 

Learn more about the Institutional Data Policy.