Required Training

At OU, required training is a fundamental aspect of clarifying employee expectations and responsibilities. It plays a vital role in minimizing legal, financial, and physical risks that may arise during your employment. This training covers a wide range of topics, including state and federal laws, university policies, and procedures relevant to your role within the organization. We understand that these are essential for every employee, regardless of their position.

Required for All Norman Employees

Preventing Harassment and Discrimination (Title IX)

Who Needs It:
All new and current employees (students, temporary, part-time, and full-time) must complete the training within the first 30 days of employment and then again annually.

How to Take It:
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Registered Training."

General Safety/Hazard Communication

Who Needs It:
All employees must complete General Safety/Hazard Communication annually. Employees in certain roles (such as lab techs, nurses, safety officers, and more) should check with their supervisor to determine additional environmental safety training requirements.

How to Take It: 
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this one-hour online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

For more information, contact the Environmental Health and Safety Office (EHSO) at (405) 271-3000.

Sooner Fire Safety

Description: In the event of a fire, every second counts. Knowing how to operate a fire extinguisher and where to find help can mean the difference between life and death. To ensure that all OU employees know these important life-saving procedures and to comply with federal regulations, employees are required to complete the updated Fire Safety training each year.

How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to the short, 15-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Questions: Contact the Fire Marshal offices in Norman (fire@ou.edu).

Standards of Conduct

Who Needs It: This is a one-time requirement for all full-time employees

When to Take It: Within first 60 days of employment

How to Take It: Self-enroll at http://onpoint.ou.edu. Login and click on the “Library” tab at the top of the page and choose Standards of Conduct from the list of courses. This course is not automatically assigned at this time.

Conflicts of Interest Training

Who Needs It:  The Conflict of Interest training course is designed to provide University employees with basic information about what constitutes a conflict of interest or conflict of commitment as required by the OU Board of Regents Individual Conflict of Interest Policy.
Conflicts of interest, when unmanaged or not disclosed, can harm the University’s mission and result in a loss of public trust in our research and individual medical and scientific contributions. Therefore, it is necessary for all employees to complete this training on a regular basis (once every four years) and submit a COI Disclosure Form annually.
How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the, 45-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Annual Disclosure Form: There are two components to the Conflicts of Interest process. The training portion housed in OnPoint is assigned every 4 years. In addition to the training module a disclosure form is required to be submitted annually. For Norman employees you will receive an email from Navex - donotreply@policytech.com with a link to the form when it is time to complete it each year.

Cybersecurity Training, Education, & Awareness

Who Needs It:
All new employees must complete an online cybersecurity course from KnowBe4 within the first 30 days of employment. Current employees must complete a cybersecurity course annually. 

When to Take It:
Within the first 30 days of employment and annually thereafter.

How to Take It:
This course will be automatically assigned through the KnowBe4 system. Employees will receive an email from ouit@ou.edu with instructions to logon to the KnowBe4 system. You may also log in directly to KnowBe4 using a browser at "training.knowbe4.com" using your OU email address and password.

For more information visit OU IT Cybersecurity.

Required for Norman Employees in Certain Roles

HIPAA Privacy and Security

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects patient and research participant health information and informs patients and participants of their rights with respect to the Protected Health Information (PHI).

Who Needs It:

All workforce members (employees, trainees, and volunteers) at the locations listed below must take the online HIPAA Privacy and Security training within 5 days of employment, enrollment, or appointment. Health Care Component managers must also provide a written or oral review of their specific HIPAA Policies and procedures relevant to the employee’s duties prior to giving the employees physical or electronic access to PHI. The online HIPAA Privacy and Security training must also be taken annually. 

Temporary employees and Volunteers are required to take online HIPAA Privacy and Security training if they will be volunteering for five days or more, regardless of whether the days are consecutive. Departments are required to provide personal HIPAA training to individuals who will provide services for fewer than five days before giving the individual physical or electronic access to PHI.

  • Goddard Health Center (OU Health Services and University Counseling Center)
  • Athletic Department (PROS and Center for Athletic Medicine)
  • Office of Legal Counsel and University Collections
  • Internal Auditing
  • Financial Services
  • Human Research Participant Protection Program/IRB
  • Researchers and staff performing human subjects research that the IRB has indicated requires a HIPPA Authorization or HIPPA Waiver form
  • Information Technology
  • Printing Services
  • Waste Management
  • Human Resources (Benefits)
  • Others as may be required

How to Take It: Log in with your OU username and password on the HIPAA Online Training site. If you don't have access to the training, ask your supervisor about it.

Environmental Health and Safety

Who Needs It:

Supervisors or payroll coordinators will assign the once-yearly safety training below to employees based on job duties and work environment. Training assignments are submitted through the PeopleSoft ePAF system. Contact Payroll and Employee Services about how to assign the safety training. Contact the Environmental Health & Safety Office about training content or requirements.

When to Take It:

Training is required once a year. When it's time for you to take one of the  online courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

  • Bloodborne Pathogens: Job duties include the reasonable anticipation of exposure to human blood, tissue or cell lines.
  • Tuberculosis: Job duties include patient care, working in a patient care setting or participation in the TB Skin Testing Program. 
  • Laboratory Safety: Job duties include the work or the supervision of work in a laboratory setting. 
  • DOT Shipping*: Job duties include the shipment of biological materials.
  • First Responder:  Police, Fire, Facilities Management, some Site Support and others as determined
  • Biosafety Training:  Employees working with all basic and clinical research activities involving recombinant and synthetic nucleic acid molecule, gene transfers, microorganisms, viruses and biological toxins.  This includes anyone that is working in a laboratory where these activities take place.

*DOT Shipping training is required every three years. 

Family Educational Rights and Privacy Act (FERPA)

Who Needs It: FERPA training is recommended for all employees whose job duties require that they regularly handle or review education records. Education records are defined as any student record that is maintained by the university.

When to Take It: FERPA training should be completed within the first 30 days of employment or before an employee can be given access to any student record systems including Banner and Cognos. This training should be successfully completed every 24 months after the initial FERPA training.

How To Take It: When it's time for you to take this training, you will receive an email from OnPoint Learning Management System which includes instructions and a link to this 30-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [noreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Red Flag Compliance and Awareness

The University of Oklahoma complies with federal Red Flag regulations. The following links increase awareness of risks to individuals and describe OU's responses to any Red Flag issue.

University of Oklahoma, Police Department and Identity Theft:

University of Oklahoma, Information Technology
and Identity Theft:

University of Oklahoma, Information Technology and
Pay Card Industry (PCI) Compliance:

PCI Traning is assigned on an as-needed basis. If your position or duties require you to have a PCI card, it will be assigned to you through the Online Learning Management System.

Federal regulators of financial institutions and the Federal Trade Commission, 72 Fed. Reg. 63717 (November 9, 2007) published Red Flag regulations which require each financial institution or creditor that offers or maintains one or more covered accounts to develop and implement a "written Identify Theft prevention program" designed to detect, prevent and mitigate identify theft in connection with the opening of a covered account or any existing covered account.

Campus Security Authority Training

Who Needs It:
A Campus Security Authority is an official of an institution who has significant responsibility for student and campus activities, including, but not limited to, campus police and campus security, individuals responsible for monitoring entrances into institutional buildings and/or property, individuals or organizations specified as a place where students and employees should report criminal offenses, student housing, student discipline, and campus judicial proceedings." For example, a dean of students who oversees student housing, a student center, or student extra-curricular activities, has significant responsibility for student and campus activities. Similarly, a director of athletics, a team coach, and a faculty advisor to a student group also have significant responsibility for student and campus activities. A single teaching faculty member is unlikely to have significant responsibility for student and campus activities, except when serving as an advisor to a student group or traveling on a university-sponsored overnight trip with students. A physician in a campus health center or a professional counselor in a counseling center whose only responsibility is to provide care to students is unlikely to have significant responsibility for student and campus activities. Clerical staff are unlikely to have significant responsibility for student and campus activities.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Youth Protection (Formerly Minors On Campus)

Who Needs It:
All new and experienced College and Department faculty, staff or students who are responsible for organizing or supervising or who participate in University sponsored on campus or off campus events and activities directed toward children and teenagers under the age of 18. This training is also applicable to employees who work with third party organizations that bring such events and activities onto University campuses.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Sponsored Research and Compliance

Who Needs It:

All Norman employees who are, or may become, involved in conducting, administering, and/or otherwise managing any aspect of externally sponsored projects (research, creative activity, instruction/training, or public service) must complete the Sponsored Research and Compliance training, including faculty, staff, temporary employees, graduate assistants, student employees, and anyone who monitors, reconciles, or manages financial accounts for this type of activity. This also includes anyone who is eligible, but not currently performing, any of these responsibilities.

When to Take It:

This training is required periodically every 1-3 years as assigned in OnPoint. Department administrators must first designate the training for each individual through the ePAF in HR PeopleSoft. When it's time for you to take the course, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

Required for All HSC Employees

HIPAA Privacy and Security

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects patient health information and informs patients of their rights with respect to the Protected Health Information (PHI).

Who Needs It:

All OUHSC and OU-Tulsa HSC workforce members (employees, trainees, students, and volunteers) must take online HIPAA Privacy and Security training within 5 days of employment, enrollment, or appointment. Health Care Component managers must also provide a written or oral review of their specific HIPAA Policies and procedures relevant to the employee's duties prior to giving the employees physical or electronic access to PHI. The online HIPAA Privacy and Security training must be taken annually (electronic reminders will be generated for OUHSC employees).

Temporary employees and Volunteers are required to take the online HIPAA Privacy and Security training if they will be volunteering for five days or more, regardless of whether the days are consecutive. Departments are required to provide department-specific HIPAA training to individuals who will provide services for fewer than five days before giving the individual physical or electronic access to PHI.

  • NOTE: Employees and volunteers in areas where computers are not provided or available, such as Site Support or General Services, may take printed versions of the HIPPA training materials and/or attend in-person training annually in place of the online training, at the discretion and direction of their manager.

How to Take It: Log in with your HSC username on the HIPAA Online Training site.

Preventing Harassment and Discrimination (Title IX)

Who Needs It:
All new and current employees (students, temporary, part-time, and full-time) must complete the training within the first 30 days of employment and then again annually.

How to Take It:
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Registered Training."

General Safety/Hazard Communication

Who Needs It:
All employees must complete General Safety/Hazard Communication annually. Employees in certain roles (such as lab techs, nurses, safety officers, and more) should check with their supervisor to determine additional environmental safety training requirements.

How to Take It: 
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this one-hour online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

For more information, contact the Environmental Health and Safety Office (EHSO) at (405) 271-3000.

Sooner Fire Safety

Description: In the event of a fire, every second counts. Knowing how to operate a fire extinguisher and where to find help can mean the difference between life and death. To ensure that all OU employees know these important life-saving procedures and to comply with federal regulations, employees are required to complete the updated Fire Safety training each year.

How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the short, 15-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Questions: Contact the Fire Marshal offices at HSC (fire-marshal@ouhsc.edu).

Standards of Conduct

Who Needs It: This is a one-time requirement for all full-time employees

When to Take It: Within first 60 days of employment

How to Take It: Self-enroll at http://onpoint.ou.edu. Login and click on the “Library” tab at the top of the page and choose Standards of Conduct from the list of courses. This course is not automatically assigned at this time.

Conflicts of Interest Training

Who Needs It:  The Conflict of Interest training course is designed to provide University employees with basic information about what constitutes a conflict of interest or conflict of commitment as required by the OU Board of Regents Individual Conflict of Interest Policy.
Conflicts of interest, when unmanaged or not disclosed, can harm the University’s mission and result in a loss of public trust in our research and individual medical and scientific contributions. Therefore, it is necessary for all employees to complete this training on a regular basis (once every four years) and submit a COI Disclosure Form annually.
How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the, 45-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Annual Disclosure Form: There are two components to the Conflicts of Interest process. The training portion housed in OnPoint is assigned every 4 years. In addition to the training module a disclosure form is required to be submitted annually. For HSC employees, you will receive an email from COIHSC@ouhsc.edu with a link to the form when it is time to complete it each year.

Cybersecurity Training, Education, & Awareness

Who Needs It:
All new employees must complete an online cybersecurity course from KnowBe4 within the first 30 days of employment. Current employees must complete a cybersecurity course annually. 

When to Take It:
Within the first 30 days of employment and annually thereafter.

How to Take It:
This course will be automatically assigned through the KnowBe4 system. Employees will receive an email from ouit@ou.edu with instructions to logon to the KnowBe4 system. You may also log in directly to KnowBe4 using a browser at "training.knowbe4.com" using your primary OU email address and password.

For more information visit OU IT Cybersecurity.

Required for HSC Employees in Certain Roles

Environmental Health and Safety

Who Needs It:

Payroll coordinators will assign the once-yearly safety training below to employees based on job duties and work environment. Training assignments are submitted through the PeopleSoft ePAF system. Contact Payroll and Employee Services about how to assign the safety training. Contact the Environmental Health & Safety Office about training content or requirements.

When to Take It:

This training is required once a year. When it's time for you to take one of the online courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

  • Bloodborne Pathogens: Job duties include the reasonable anticipation of exposure to human blood, tissue or cell lines.
  • Tuberculosis: Job duties include patient care, working in a patient care setting or participation in the TB Skin Testing Program. 
  • Laboratory Safety: Job duties include the work or the supervision of work in a laboratory setting. 
  • DOT Shipping*: Job duties include the shipment of biological materials.
  • First Responder:  Police, Fire, Facilities Management, some Site Support and others as determined
  • Biosafety Training:  Employees working with all basic and clinical research activities involving recombinant and synthetic nucleic acid molecule, gene transfers, microorganisms, viruses and biological toxins.  This includes anyone that is working in a laboratory where these activities take place.

*DOT Shipping training is required every three years

Payroll Coordinator Training

All HSC Payroll Coordinators are required to complete an online training through OnPoint Learning Management System (LMS). When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to access the online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Required Training."

Family Educational Rights and Privacy Act (FERPA)

Who Needs It: FERPA training is recommended for all employees whose job duties require that they regularly handle or review education records. Education records are defined as any student record that is maintained by the university. FERPA training should be completed within the first 30 days of employment or before an employee can be given access to any student record systems including Banner and Cognos. This training should be successfully completed every 24 months after the initial FERPA training.

How To Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this 30-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning Management System Administrator [noreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Red Flag Compliance and Awareness

The University of Oklahoma complies with federal Red Flag regulations. The following links increase awareness of risks to individuals and describe OU's responses to any Red Flag issue.

University of Oklahoma, Police Department and Identity Theft:

University of Oklahoma, Information Technology
and Identity Theft:

University of Oklahoma, Information Technology and
Pay Card Industry (PCI) Compliance:

Federal regulators of financial institutions and the Federal Trade Commission, 72 Fed. Reg. 63717 (November 9, 2007) published Red Flag regulations which require each financial institution or creditor that offers or maintains one or more covered accounts to develop and implement a "written Identify Theft prevention program" designed to detect, prevent and mitigate identify theft in connection with the opening of a covered account or any existing covered account.

Campus Security Authority Training

Who Needs It:
A Campus Security Authority is an official of an institution who has significant responsibility for student and campus activities, including, but not limited to, campus police and campus security, individuals responsible for monitoring entrances into institutional buildings and/or property, individuals or organizations specified as a place where students and employees should report criminal offenses, student housing, student discipline, and campus judicial proceedings." For example, a dean of students who oversees student housing, a student center, or student extra-curricular activities, has significant responsibility for student and campus activities. Similarly, a director of athletics, a team coach, and a faculty advisor to a student group also have significant responsibility for student and campus activities. A single teaching faculty member is unlikely to have significant responsibility for student and campus activities, except when serving as an advisor to a student group or traveling on a university-sponsored overnight trip with students. A physician in a campus health center or a professional counselor in a counseling center whose only responsibility is to provide care to students is unlikely to have significant responsibility for student and campus activities. Clerical staff are unlikely to have significant responsibility for student and campus activities.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Youth Protection (Formerly Minors on Campus)

Who Needs It:
All new and experienced College and Department faculty, staff or students who are responsible for organizing or supervising or who participate in University sponsored on campus or off campus events and activities directed toward children and teenagers under the age of 18. This training is also applicable to employees who work with third party organizations that bring such events and activities onto University campuses.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Research Integrity Training

Who Needs It:

All HSC employees who are involved in conducting, administering, and/or otherwise managing any aspect of externally sponsored research or creative activity must complete the Research Integrity training, including faculty, staff, temporary employees, graduate assistants, student employees, and anyone who monitors, reconciles, or manages financial accounts for this type of activity. This also includes anyone who is eligible, but not currently performing, any of these responsibilities.

When to Take It:

This training is required periodically every 1-3 years as assigned in OnPoint. Department administrators must first designate the training for each individual through the ePAF in HR PeopleSoft. When it's time for you to take the course, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

Required training should be completed as described below. Tulsa employees should look at training requirements based on their program.


Required for All Norman Employees

Preventing Harassment and Discrimination (Title IX)

Who Needs It:
All new and current employees (students, temporary, part-time, and full-time) must complete the training within the first 30 days of employment and then again annually.

How to Take It:
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Registered Training."

General Safety/Hazard Communication

Who Needs It:
All employees must complete General Safety/Hazard Communication annually. Employees in certain roles (such as lab techs, nurses, safety officers, and more) should check with their supervisor to determine additional environmental safety training requirements.

How to Take It: 
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this one-hour online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

For more information, contact the Environmental Health and Safety Office (EHSO) at (405) 271-3000.

Sooner Fire Safety

Description: In the event of a fire, every second counts. Knowing how to operate a fire extinguisher and where to find help can mean the difference between life and death. To ensure that all OU employees know these important life-saving procedures and to comply with federal regulations, employees are required to complete the updated Fire Safety training each year.

How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to the short, 15-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Questions: Contact the Fire Marshal offices in Norman (fire@ou.edu).

Standards of Conduct

Who Needs It: This is a one-time requirement for all full-time employees

When to Take It: Within first 60 days of employment

How to Take It: Self-enroll at http://onpoint.ou.edu. Login and click on the “Library” tab at the top of the page and choose Standards of Conduct from the list of courses. This course is not automatically assigned at this time.

Conflicts of Interest Training

Who Needs It:  The Conflict of Interest training course is designed to provide University employees with basic information about what constitutes a conflict of interest or conflict of commitment as required by the OU Board of Regents Individual Conflict of Interest Policy.
Conflicts of interest, when unmanaged or not disclosed, can harm the University’s mission and result in a loss of public trust in our research and individual medical and scientific contributions. Therefore, it is necessary for all employees to complete this training on a regular basis (once every four years) and submit a COI Disclosure Form annually.
How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the, 45-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Annual Disclosure Form: There are two components to the Conflicts of Interest process. The training portion housed in OnPoint is assigned every 4 years. In addition to the training module a disclosure form is required to be submitted annually. For Norman employees you will receive an email from Navex - donotreply@policytech.com with a link to the form when it is time to complete it each year.

Cybersecurity Training, Education, & Awareness

Who Needs It:
All new employees must complete an online cybersecurity course from KnowBe4 within the first 30 days of employment. Current employees must complete a cybersecurity course annually. 

When to Take It:
Within the first 30 days of employment and annually thereafter.

How to Take It:
This course will be automatically assigned through the KnowBe4 system. Employees will receive an email from ouit@ou.edu with instructions to logon to the KnowBe4 system. You may also log in directly to KnowBe4 using a browser at "training.knowbe4.com" using your OU email address and password.

For more information visit OU IT Cybersecurity.


Required for Norman Employees in Certain Roles

HIPAA Privacy and Security

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects patient and research participant health information and informs patients and participants of their rights with respect to the Protected Health Information (PHI).

Who Needs It:

All workforce members (employees, trainees, and volunteers) at the locations listed below must take the online HIPAA Privacy and Security training within 5 days of employment, enrollment, or appointment. Health Care Component managers must also provide a written or oral review of their specific HIPAA Policies and procedures relevant to the employee’s duties prior to giving the employees physical or electronic access to PHI. The online HIPAA Privacy and Security training must also be taken annually. 

Temporary employees and Volunteers are required to take online HIPAA Privacy and Security training if they will be volunteering for five days or more, regardless of whether the days are consecutive. Departments are required to provide personal HIPAA training to individuals who will provide services for fewer than five days before giving the individual physical or electronic access to PHI.

  • Goddard Health Center (OU Health Services and University Counseling Center)
  • Athletic Department (PROS and Center for Athletic Medicine)
  • Office of Legal Counsel and University Collections
  • Internal Auditing
  • Financial Services
  • Human Research Participant Protection Program/IRB
  • Researchers and staff performing human subjects research that the IRB has indicated requires a HIPPA Authorization or HIPPA Waiver form
  • Information Technology
  • Printing Services
  • Waste Management
  • Human Resources (Benefits)
  • Others as may be required

How to Take It: Log in with your OU username and password on the HIPAA Online Training site. If you don't have access to the training, ask your supervisor about it.

Environmental Health and Safety

Who Needs It:

Supervisors or payroll coordinators will assign the once-yearly safety training below to employees based on job duties and work environment. Training assignments are submitted through the PeopleSoft ePAF system. Contact Payroll and Employee Services about how to assign the safety training. Contact the Environmental Health & Safety Office about training content or requirements.

When to Take It:

Training is required once a year. When it's time for you to take one of the  online courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

  • Bloodborne Pathogens: Job duties include the reasonable anticipation of exposure to human blood, tissue or cell lines.
  • Tuberculosis: Job duties include patient care, working in a patient care setting or participation in the TB Skin Testing Program. 
  • Laboratory Safety: Job duties include the work or the supervision of work in a laboratory setting. 
  • DOT Shipping*: Job duties include the shipment of biological materials.
  • First Responder:  Police, Fire, Facilities Management, some Site Support and others as determined
  • Biosafety Training:  Employees working with all basic and clinical research activities involving recombinant and synthetic nucleic acid molecule, gene transfers, microorganisms, viruses and biological toxins.  This includes anyone that is working in a laboratory where these activities take place.

*DOT Shipping training is required every three years. 

Family Educational Rights and Privacy Act (FERPA)

Who Needs It: FERPA training is recommended for all employees whose job duties require that they regularly handle or review education records. Education records are defined as any student record that is maintained by the university.

When to Take It: FERPA training should be completed within the first 30 days of employment or before an employee can be given access to any student record systems including Banner and Cognos. This training should be successfully completed every 24 months after the initial FERPA training.

How To Take It: When it's time for you to take this training, you will receive an email from OnPoint Learning Management System which includes instructions and a link to this 30-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [noreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Red Flag Compliance and Awareness

The University of Oklahoma complies with federal Red Flag regulations. The following links increase awareness of risks to individuals and describe OU's responses to any Red Flag issue.

University of Oklahoma, Police Department and Identity Theft:

University of Oklahoma, Information Technology
and Identity Theft:

University of Oklahoma, Information Technology and
Pay Card Industry (PCI) Compliance:

PCI Traning is assigned on an as-needed basis. If your position or duties require you to have a PCI card, it will be assigned to you through the Online Learning Management System.

Federal regulators of financial institutions and the Federal Trade Commission, 72 Fed. Reg. 63717 (November 9, 2007) published Red Flag regulations which require each financial institution or creditor that offers or maintains one or more covered accounts to develop and implement a "written Identify Theft prevention program" designed to detect, prevent and mitigate identify theft in connection with the opening of a covered account or any existing covered account.

Campus Security Authority Training

Who Needs It:
A Campus Security Authority is an official of an institution who has significant responsibility for student and campus activities, including, but not limited to, campus police and campus security, individuals responsible for monitoring entrances into institutional buildings and/or property, individuals or organizations specified as a place where students and employees should report criminal offenses, student housing, student discipline, and campus judicial proceedings." For example, a dean of students who oversees student housing, a student center, or student extra-curricular activities, has significant responsibility for student and campus activities. Similarly, a director of athletics, a team coach, and a faculty advisor to a student group also have significant responsibility for student and campus activities. A single teaching faculty member is unlikely to have significant responsibility for student and campus activities, except when serving as an advisor to a student group or traveling on a university-sponsored overnight trip with students. A physician in a campus health center or a professional counselor in a counseling center whose only responsibility is to provide care to students is unlikely to have significant responsibility for student and campus activities. Clerical staff are unlikely to have significant responsibility for student and campus activities.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Youth Protection (Formerly Minors On Campus)

Who Needs It:
All new and experienced College and Department faculty, staff or students who are responsible for organizing or supervising or who participate in University sponsored on campus or off campus events and activities directed toward children and teenagers under the age of 18. This training is also applicable to employees who work with third party organizations that bring such events and activities onto University campuses.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Sponsored Research and Compliance

Who Needs It:

All Norman employees who are, or may become, involved in conducting, administering, and/or otherwise managing any aspect of externally sponsored projects (research, creative activity, instruction/training, or public service) must complete the Sponsored Research and Compliance training, including faculty, staff, temporary employees, graduate assistants, student employees, and anyone who monitors, reconciles, or manages financial accounts for this type of activity. This also includes anyone who is eligible, but not currently performing, any of these responsibilities.

When to Take It:

This training is required periodically every 1-3 years as assigned in OnPoint. Department administrators must first designate the training for each individual through the ePAF in HR PeopleSoft. When it's time for you to take the course, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

Required training should be completed as described below. Tulsa employees should look at training requirements based on their program.


Required for All HSC Employees

HIPAA Privacy and Security

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects patient health information and informs patients of their rights with respect to the Protected Health Information (PHI).

Who Needs It:

All OUHSC and OU-Tulsa HSC workforce members (employees, trainees, students, and volunteers) must take online HIPAA Privacy and Security training within 5 days of employment, enrollment, or appointment. Health Care Component managers must also provide a written or oral review of their specific HIPAA Policies and procedures relevant to the employee's duties prior to giving the employees physical or electronic access to PHI. The online HIPAA Privacy and Security training must be taken annually (electronic reminders will be generated for OUHSC employees).

Temporary employees and Volunteers are required to take the online HIPAA Privacy and Security training if they will be volunteering for five days or more, regardless of whether the days are consecutive. Departments are required to provide department-specific HIPAA training to individuals who will provide services for fewer than five days before giving the individual physical or electronic access to PHI.

  • NOTE: Employees and volunteers in areas where computers are not provided or available, such as Site Support or General Services, may take printed versions of the HIPPA training materials and/or attend in-person training annually in place of the online training, at the discretion and direction of their manager.

How to Take It: Log in with your HSC username on the HIPAA Online Training site.

Preventing Harassment and Discrimination (Title IX)

Who Needs It:
All new and current employees (students, temporary, part-time, and full-time) must complete the training within the first 30 days of employment and then again annually.

How to Take It:
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Registered Training."

General Safety/Hazard Communication

Who Needs It:
All employees must complete General Safety/Hazard Communication annually. Employees in certain roles (such as lab techs, nurses, safety officers, and more) should check with their supervisor to determine additional environmental safety training requirements.

How to Take It: 
When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this one-hour online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

For more information, contact the Environmental Health and Safety Office (EHSO) at (405) 271-3000.

Sooner Fire Safety

Description: In the event of a fire, every second counts. Knowing how to operate a fire extinguisher and where to find help can mean the difference between life and death. To ensure that all OU employees know these important life-saving procedures and to comply with federal regulations, employees are required to complete the updated Fire Safety training each year.

How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the short, 15-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Questions: Contact the Fire Marshal offices at HSC (fire-marshal@ouhsc.edu).

Standards of Conduct

Who Needs It: This is a one-time requirement for all full-time employees

When to Take It: Within first 60 days of employment

How to Take It: Self-enroll at http://onpoint.ou.edu. Login and click on the “Library” tab at the top of the page and choose Standards of Conduct from the list of courses. This course is not automatically assigned at this time.

Conflicts of Interest Training

Who Needs It:  The Conflict of Interest training course is designed to provide University employees with basic information about what constitutes a conflict of interest or conflict of commitment as required by the OU Board of Regents Individual Conflict of Interest Policy.
Conflicts of interest, when unmanaged or not disclosed, can harm the University’s mission and result in a loss of public trust in our research and individual medical and scientific contributions. Therefore, it is necessary for all employees to complete this training on a regular basis (once every four years) and submit a COI Disclosure Form annually.
How to Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to the, 45-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Annual Disclosure Form: There are two components to the Conflicts of Interest process. The training portion housed in OnPoint is assigned every 4 years. In addition to the training module a disclosure form is required to be submitted annually. For HSC employees, you will receive an email from COIHSC@ouhsc.edu with a link to the form when it is time to complete it each year.

Cybersecurity Training, Education, & Awareness

Who Needs It:
All new employees must complete an online cybersecurity course from KnowBe4 within the first 30 days of employment. Current employees must complete a cybersecurity course annually. 

When to Take It:
Within the first 30 days of employment and annually thereafter.

How to Take It:
This course will be automatically assigned through the KnowBe4 system. Employees will receive an email from ouit@ou.edu with instructions to logon to the KnowBe4 system. You may also log in directly to KnowBe4 using a browser at "training.knowbe4.com" using your primary OU email address and password.

For more information visit OU IT Cybersecurity.


Required for HSC Employees in Certain Roles

Environmental Health and Safety

Who Needs It:

Payroll coordinators will assign the once-yearly safety training below to employees based on job duties and work environment. Training assignments are submitted through the PeopleSoft ePAF system. Contact Payroll and Employee Services about how to assign the safety training. Contact the Environmental Health & Safety Office about training content or requirements.

When to Take It:

This training is required once a year. When it's time for you to take one of the online courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

  • Bloodborne Pathogens: Job duties include the reasonable anticipation of exposure to human blood, tissue or cell lines.
  • Tuberculosis: Job duties include patient care, working in a patient care setting or participation in the TB Skin Testing Program. 
  • Laboratory Safety: Job duties include the work or the supervision of work in a laboratory setting. 
  • DOT Shipping*: Job duties include the shipment of biological materials.
  • First Responder:  Police, Fire, Facilities Management, some Site Support and others as determined
  • Biosafety Training:  Employees working with all basic and clinical research activities involving recombinant and synthetic nucleic acid molecule, gene transfers, microorganisms, viruses and biological toxins.  This includes anyone that is working in a laboratory where these activities take place.

*DOT Shipping training is required every three years

Payroll Coordinator Training

All HSC Payroll Coordinators are required to complete an online training through OnPoint Learning Management System (LMS). When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to access the online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Required Training."

Family Educational Rights and Privacy Act (FERPA)

Who Needs It: FERPA training is recommended for all employees whose job duties require that they regularly handle or review education records. Education records are defined as any student record that is maintained by the university. FERPA training should be completed within the first 30 days of employment or before an employee can be given access to any student record systems including Banner and Cognos. This training should be successfully completed every 24 months after the initial FERPA training.

How To Take It: When it's time for you to take this training, you will receive an email from the OnPoint Learning Management System which includes instructions and a link to this 30-minute online training. No action is required until you receive the email from OnPoint. The From address on the email will be "Learning Management System Administrator [noreply@sumtotalsystems.com]". You may also log in directly to the OnPoint LMS and click on "Take Required Training."

Red Flag Compliance and Awareness

The University of Oklahoma complies with federal Red Flag regulations. The following links increase awareness of risks to individuals and describe OU's responses to any Red Flag issue.

University of Oklahoma, Police Department and Identity Theft:

University of Oklahoma, Information Technology
and Identity Theft:

University of Oklahoma, Information Technology and
Pay Card Industry (PCI) Compliance:

Federal regulators of financial institutions and the Federal Trade Commission, 72 Fed. Reg. 63717 (November 9, 2007) published Red Flag regulations which require each financial institution or creditor that offers or maintains one or more covered accounts to develop and implement a "written Identify Theft prevention program" designed to detect, prevent and mitigate identify theft in connection with the opening of a covered account or any existing covered account.

Campus Security Authority Training

Who Needs It:
A Campus Security Authority is an official of an institution who has significant responsibility for student and campus activities, including, but not limited to, campus police and campus security, individuals responsible for monitoring entrances into institutional buildings and/or property, individuals or organizations specified as a place where students and employees should report criminal offenses, student housing, student discipline, and campus judicial proceedings." For example, a dean of students who oversees student housing, a student center, or student extra-curricular activities, has significant responsibility for student and campus activities. Similarly, a director of athletics, a team coach, and a faculty advisor to a student group also have significant responsibility for student and campus activities. A single teaching faculty member is unlikely to have significant responsibility for student and campus activities, except when serving as an advisor to a student group or traveling on a university-sponsored overnight trip with students. A physician in a campus health center or a professional counselor in a counseling center whose only responsibility is to provide care to students is unlikely to have significant responsibility for student and campus activities. Clerical staff are unlikely to have significant responsibility for student and campus activities.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Youth Protection (Formerly Minors on Campus)

Who Needs It:
All new and experienced College and Department faculty, staff or students who are responsible for organizing or supervising or who participate in University sponsored on campus or off campus events and activities directed toward children and teenagers under the age of 18. This training is also applicable to employees who work with third party organizations that bring such events and activities onto University campuses.

When to Take It:
Training is required once a year. When it's time for you to take the courses, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".  Employees who need this training, should have it designated by their departmental payroll coordinator in PeopleSoft.

Research Integrity Training

Who Needs It:

All HSC employees who are involved in conducting, administering, and/or otherwise managing any aspect of externally sponsored research or creative activity must complete the Research Integrity training, including faculty, staff, temporary employees, graduate assistants, student employees, and anyone who monitors, reconciles, or manages financial accounts for this type of activity. This also includes anyone who is eligible, but not currently performing, any of these responsibilities.

When to Take It:

This training is required periodically every 1-3 years as assigned in OnPoint. Department administrators must first designate the training for each individual through the ePAF in HR PeopleSoft. When it's time for you to take the course, you will receive an email from the OnPoint Learning Management System (LMS) which includes instructions and a link to access the online training. You may also log in directly to the OnPoint LMS and click on "Take Required Training." No action is required until you receive the email from OnPoint. The From address on the email will be "Learning System Administrator [nopreply@sumtotalsystems.com]".

If you need assistance with any aspect of your training or face challenges related to technology or specific courses, please reach out to the appropriate contact:

  • OnPoint: For assistance with your email or other general inquiries, contact OnPoint.
  • Assigned Job-Specific Courses: To inquire about courses relevant to your role or speak with your Payroll Coordinator or supervisor.
  • Required Training and Transcripts: For any questions or concerns about required training and transcripts, please contact Learning and Development.
  • Technology Challenges: If you encounter technology-related issues, do not hesitate to get in touch with the OU Office of Information Technology at (405) 325-HELP (4357) or submit an IT Service Ticket.
  • Accommodations: If you have a disability requiring an accommodation for any of this training, please contact Human Resources. Certain departments may qualify for in-person training, subject to approval of the Office of Compliance. For more information, contact the Office of Compliance.

Supervisor Responsibility

Supervisors and managers hold the responsibility of ensuring that their team members complete all required training. It is a critical part of our commitment to maintaining a safe, compliant, and efficient work environment.

Role-Specific Training

All employees should complete the required training based on their campus and specific role. To determine the specific requirements for your role, please consult with your supervisor. This ensures that you receive training that aligns with your job's unique responsibilities and requirements.

You are Paid to Complete Required Training

According to the Fair Labor Standards Act (FLSA), the time you spend on required training, supervisor-recommended training, or job-specific training is considered compensatory time worked. This means you will be compensated for the time spent on these essential training activities.