Have you conducted HIPAA training?

Businessmen working on computersWe are rapidly nearing the end of the year and the reporting period is coming to an end. Have you conducted HIPAA training? Most practices I have spoken with have either said “no”, or they do the training up on hiring. Let me be clear. HIPAA training needs to be performed annually. The hard part about this, is that HIPAA doesn’t change, so why do you need training every year? Simple reasons: people forget, you have new hires, and pounding this type of information into your employees heads is not necessarily a bad thing.

When should you train?

There are 2 times that would suffice for HIPAA training.  The first is upon hiring.  Have a small PowerPoint, or word document that the new hire can review and sign off on.  You want to cover your tracks.  Some new employees say they know HIPAA, when in fact, they only know the work itself.

The other time, is towards the end of the year.  Have a lunch and learn for all your employees, and have a HIPAA trainer come in and present the important issues that affect your practice.  Again, it can never hurt to relay this important information.

Although HIPAA doesn’t change, the way we use our computers does.  A good example of this is cyber crime.  In 2003, when the HIPAA laws came out, no one ever heard of cyber crime.  Fast forward today, and you need things like antispyware, antimalware, patch management, mobile device management, social networking and more.  HIPAA has not changed, but technology has certainly evolved.  People on an average have 5 devices the IT department needs to protect.  Security is a constant challenge.  It’s not “if” you receive and attack…it’s “when”.  You need to be prepared, and you need to have proper policies and procedures in place.  If a simple HIPAA training session for 30 minutes can help with that, I say go for it!

If you would like someone from Tier3MD to come out to your office to do HIPAA training, please contact us at:  info@tier3md.com.