How To Do a HIPAA Risk Assessment – Part 4

Now that you have the required HIPAA policies and procedures in place, your employees must be trained to follow those documents. We help our clients stay on the right side of inevitable OCR audits by making sure all employees are adequately trained on the practice’s policies and procedures.

We can help your practice get up to date and prepared to minimize breach risks from employees and third-party vendors. Subscribe to stay current on important matters that will impact your practice.

Do not be caught off guard. The OCR will expect that your staff is fully trained on all of your practice’s policies and procedures. 

The HIPAA Security Rule emphasizes the importance of training by requiring a security awareness and training program for all members of the workforce.

Without the necessary training, your practice’s policies and procedures are useless.

Practices are required by the HIPAA Security Rule to ensure compliance on the part of their workforce. The way to demonstrate compliance to the OCR in the face of an audit is to train your employees.

When is training necessary?

  1. At least annually;
  2. Any time your policies or procedures are updated; and
  3. When new employees join your practice.

In the case of an audit, the OCR will expect to see documentation of your HIPAA trainings. We help our clients meet this expectation by providing them with training logs and outlines after we complete their security awareness and training program.

Staff members should receive copies of, or have access to, the practice’s policies and procedures.

Not only is training required by the OCR, but sufficient training will also help your practice to avoid potential security breaches and to mitigate any damages from breaches that do occur.

We can help you plan and implement regular HIPAA compliance audits. Contact us today!

Come back next week for our final installment in this series on HIPAA Risk Assessments.

We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mailbox, subscribe to our blog.

Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors?  We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs:  CLICK HERE.
