Exactly How Do You Eat an Elephant?

cute elephant scaled

As each year winds down, we tend to look back at the year that was and make plans for the next one.  I thought it would be interesting and helpful to look back at one of the very first Help Me With HIPAA podcasts and see just how much of its lessons still can be applied to our year to come.  In Episode 4: How do you Eat an Elephant, Donna and David discuss how to create and maintain your compliance program…. how to break HIPAA into small bites so that you can have a solid privacy and security foundation.

A great place to start is with introducing or at least reinforcing a culture of privacy and security.  How do you do this?  Well, first it must be implemented from the top down.  And, it should be done in bite sized pieces.  The entire workforce must see that management believes and practices this culture.  Management must lead by example.  One very important example is establishing a compliance team and ensuring that they have the time needed to identify and implement a compliance program. This episode of Help me with HIPAA is over 5 years old, but the advice Donna and David gives us is wise and relevant still today.  One of the most important things to understand is that compliance is never done.  This certainly holds true today and I am sure still will 5 years from now.

So, exactly how do you eat an elephant?  As the saying goes… One bite at a time, of course.  For most people creating and maintaining your compliance program, or as we prefer to say “your privacy and security program”, is just one of your many job responsibilities.  Baby steps make a difference.  You don’t have to devote tons of time each week to your privacy and security program.  Set aside one hour a week, one afternoon a quarter, and maybe review one policy and procedure per month to stay on top of your compliance and privacy and security program.  To help you get started and keep you on track, put this Minimum Compliance Management Plan poster up in your office to remind you to work on your program a little at a time.  If you feel you are already doing the basics, kick it up a notch and try the Aggressive Compliance Management Plan path as your 2021 New Year’s resolution.  Making a consistent, regular effort to stay on top of your privacy and security program will pay off.

On a side note:  For those who are regular HelpMe With HIPAA podcast listeners, you may need to prepare yourself for David’s voice.  He sounds like a 13 year old boy.