HIPAA Security Reminder of the Week

Security Reminders

HIPAA 164.308(a)(4) Security Reminders

Questions an Auditor may ask you (from NIST 800-66):

  • What methods are available or already in use to make or keep employees aware of security, e.g., posters or booklets?
  • Is security refresher training performed on a periodic basis (e.g., annually)?
  • Is security awareness discussed with all new hires?
  • Are security topics reinforced during routine staff meetings?

Solutions

  • Consider displaying security reminders and warning banners at log-in on all workstations.
  • Screen savers could display random security & privacy hints & tips.
  • Place posters throughout the facility to remind staff about information security and the security of physical assets. Change these posters periodically to avoid the message going stale.
  • If your company has a newsletter (hard copy or email), have a “Compliance Corner” for news from the Privacy Officer and Information Security Officer.
  • Remind staff to complete their annual security refresher training on time.
  • Keep records of New Employee Orientation, including evidence of HIPAA awareness.
  • Provide evidence that security & privacy are discussed at staff and executive meetings (agendas and minutes).

Do you have any other great ideas for reminding staff about their security and privacy responsibilities?  Let us know!
