We're excited to announce the launch of SafeStack's comprehensive HIPAA compliance learning path, designed specifically to help healthcare organizations and their business associates meet HIPAA framework security awareness training requirements.

New HIPAA Security Awareness Courses

Developed in partnership with our cybersecurity awareness training partner Mindshift, our HIPAA learning path includes two essential courses, totaling approximately 30 minutes of focused training:

An Introduction to HIPAA (≈15 minutes)

Anyone working in healthcare for a HIPAA compliant organization must understand what HIPAA is about and how it applies to their role. This foundational course covers:

• What HIPAA is and why it matters

• The Privacy Rule

• The Security Rule

• The Breach Notification Rule

• How HIPAA rules may change in emergencies

Security Awareness for HIPAA Compliant Organizations (≈15 minutes)

This practical training is designed for people working in healthcare for a HIPAA compliant organization. The course covers:

• Why and how to protect patient data

• What Protected Health Information (PHI) is

• Proper handling of patient information

• Understanding patient privacy rights

• Best practices for preventing breaches

• Breach reporting procedures

Seamless GRC Integration

We understand that compliance is about more than just training—it's about demonstrating that training to auditors and compliance frameworks. That's why we've integrated our HIPAA learning path with leading Governance, Risk, and Compliance (GRC) platforms.

Automatic Evidence Upload to Drata

Organizations using Drata can now automatically upload evidence of HIPAA training completion through SafeStack's Drata integration. When your team members complete their HIPAA courses in SafeStack, the training records are automatically synchronized with Drata, eliminating manual evidence collection and ensuring your compliance documentation is always up to date.

Automated Vanta Control Completion

For customers using HIPAA-based controls in Vanta, SafeStack automatically marks relevant controls as completed when users finish their HIPAA-related training. This seamless integration means:

• No manual control updates required

• Real-time compliance status in Vanta

• Reduced administrative overhead

• Stronger audit trails

Why HIPAA Training Matters

The HIPAA Security Rule explicitly requires covered entities and business associates to implement a security awareness and training program for all workforce members. Regular security awareness training is not just a best practice—it's a regulatory requirement.

With SafeStack's HIPAA learning path, you can:

• Meet regulatory requirements with comprehensive, up-to-date content

• Save time with automated evidence collection and control management

• Reduce risk by educating your team on proper PHI handling

• Streamline audits with integrated compliance documentation

Get Started Today

The HIPAA compliance learning path is now available to all SafeStack customers with a Security Awareness subscription. Organizations can assign these courses to their workforce and begin building a culture of compliance while automatically satisfying their GRC platform requirements.

Ready to strengthen your HIPAA compliance program? Contact us today!

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls. Security training provided by SafeStack forms an integral part of a robust compliance and security control strategy.

We are happy to announce our new Drata integration functionality, allowing customers to automatically upload completion evidence of their learners’ security training, from SafeStack, into Drata.

Just pick the learning paths you want to track when setting up the integration and you’re good to go! When users complete their learning paths, an evidence PDF will be generated and uploaded to Drata automatically, marking their own security training as completed within Drata.

This removes the hassle of uploading evidence manually for your team and keeps compliance information in Drata up to date.

If your organization is using, or planning to use Drata to automate compliance related tasks, check out our Drata integration today.

The SafeStack - Vanta integration now sends your users' security and compliance training data to Vanta every hour, so it can be included in Vanta's monitoring and reports.

SafeStack’s Security Awareness programme contains a lot of courses that help you meet compliance training requirements for frameworks like ISO27001, PCI DSS and SOC2.

If your organization is using Vanta to automate compliance related tasks, check out our Vanta integration to send your SafeStack users - and their compliance training information, automatically to Vanta.

SafeStack can now sync your user information with Vanta.

Vanta automates the complex and time-consuming process of SOC 2, HIPAA, ISO 27001, PCI, and GDPR compliance certification, and helps SaaS businesses of all sizes manage risk and prove security in real time.

SafeStack will send your user information to Vanta every hour, so it can be included in Vanta's monitoring and reports. This data will be tagged as originating from SafeStack.

To get started, head over to the Integrations section to connect your Vanta account with SafeStack. You’ll need to be a Vanta administrator to configure the integration.