Ostendio Blog

Why mere compliance increases risk

Written by Grant Elliott | Oct 4, 2013 3:57:45 AM

 

In some cases, poor training is as bad as–if not worse than–no training it all, say John Schroeter and Tom Pendergast

By John Schroeter and Tom Pendergast
October 02, 2013 — The Department of Health and Human Services recently confirmed that a lack of training is a common cause of HIPAA compliance difficulties. But is that really such a surprise? Given the poor state of awareness training in many organizations, it’s no wonder that HIPAA violations are actually on the rise. The fact is, to achieve formal, “letter of the law” compliance, just about any form of training will do to “check the box.” But as we continue to see, bad training is, in the final analysis, practically equivalent to–or worse than–no training at all, and hence the disappointing results reported by HHS and by others who wonder why their compliance training fails.

Continue >>>
[/av_textblock]

[/av_one_full]