> 6. You need an annual HIPAA training program to remind everyone of a lot of the above
When you say 'need' do you mean 'legally required to' ? I wonder if that could work to the advantage of the poster, in that if they left because they became aware that things are not being done correctly and they have never had any such training, the legal responsibility would reflect back on the employers who had not provided such training to an obviously inexperienced employee and the CEO in particular who is the person who should have known to do that.
I am not in the USA and I think the UK has slightly better employee protections and lines of legal responsibility, at least in some areas (such as Health & Safety) but who knows..
HIPAA requires organizations to provide training for all employees, new workforce members, and periodic refresher training. The definition of “periodic” is not defined and can be left open to interpretation. However, most organizations train all employees on HIPAA annually. This is considered to be a best practice.
When you say 'need' do you mean 'legally required to' ? I wonder if that could work to the advantage of the poster, in that if they left because they became aware that things are not being done correctly and they have never had any such training, the legal responsibility would reflect back on the employers who had not provided such training to an obviously inexperienced employee and the CEO in particular who is the person who should have known to do that.
I am not in the USA and I think the UK has slightly better employee protections and lines of legal responsibility, at least in some areas (such as Health & Safety) but who knows..