A few dozen healthcare privacy and security professionals candidly (and anonymously) shared their experiences about what it takes to get a workforce proactive in protecting the privacy of patient health information. Sometimes HIPAA training alone is just not enough to drill into peoples’ heads why and how patient information needs to be protected. Offer an Amnesty Period: Staffers are often afraid they’ll get in trouble if they admit they’ve lost a laptop or messed up in some other way that puts critical data at risk. “We see the biggest issue with security and privacy is getting the word out,” said one attendee.”]
Source: https://www.careersinfosecurity.com/blogs/tips-for-building-privacy-culture-p-1398