Privacy and security are challenging enough within the walls of a hospital or business office. But as the number of remote staff increases, privacy and security officers must be prepared to pioneer a new environment of remote home offices and mobile devices.
HIPAA privacy and security professionals work hard to create commonsense policies and procedures and lobby for the best technical safeguards for their organizations. But time and again that hard work is wiped out by the most persistent threat of all: insider threat.
The HIPAA Security Rule isn't specific about the timing of training, but it includes awareness building, reminders, and specific topics that must be addressed. Education, training, and awareness building are critical to privacy and security compliance.