Let’s say you work at a healthcare organization.
You’re diligently typing away at your desk when all of a sudden your Chief Compliance Officer barges into your room and yells, “HIPAA compliance is important!” He then shuts your door and walks out, without saying anything further.
What he just did was his version of a HIPAA reminder, albeit it was rather annoying.
It didn’t take much time out of his busy schedule to walk around the office and yell about compliance but I’m sure he annoyed some of your coworkers as well. I imagine he would change his HIPAA reminder strategy entirely if he knew that bad management leads to less productivity.
OK, maybe the Chief Compliance Officer at the healthcare organization you work in this scenario isn’t that bad. Maybe I’m overexaggerating. After all, security reminders are a spelled out administrative requirement.
Naturally, this section leaves room for interpretation like the majority of the requirements listed within HIPAA. It states that you’re required to implement reminders periodically, but it doesn’t say how often.
As a result, you’re faced with the scenario I just walked through. An abrupt, vague and unhelpful “update” from the leader of your compliance department that leaves you wasting time trying to pick back up where you left off in your work.
There have to be more effective ways to accomplish the law’s required updates, right?
Yes, implementing HIPAA reminders is a requirement but whether or not they’re done effectively can make the difference between an employee doing what’s right or accidentally causing a violation. Luckily, we’ve created this list of easy, modern and effective ideas for your consideration.
Table of Contents
Create an Internal HIPAA Compliance Newsletter
If you brought up the term newsletter to your marketing department, they’d likely start foaming at the mouth and tell you how they’re a vital part of any inbound strategy.
Some marketers report a 760% increase in revenue from this form of content.
If you haven’t implemented newsletters into your marketing strategy, it’s something worth considering. Nevertheless, I digress.
The point I’m trying to make here is that if they’re that effective for communicating to prospects and existing clients then who’s to say they aren’t as successful with your employees?
After all, 80% of employees believe that effective internal business communications help with their job performance. There are no rules against using an outbound marketing tool for the benefit of your internal communications.
Newsletter services cost money and you could send a monthly email with some facts, figures and links to recent or interesting HIPAA violations as an alternative. However, going this route takes away from functionality that benefits your compliance landscape.
Beyond the nicer formatting and design aspects of newsletters, they also provide real-time analytics and statistics. If you spent all morning researching new stories and writing up a regular email reminder to your employees, how do you know they actually read it?
Open rate is the statistic people focus on look at when it comes to email marketing. If you’re getting people to open what you sent, you’ve succeeded. Well, there’s actually a more important statistic that’s oftentimes overlooked by novice email marketers; clickthrough rate.
Click-through rate shows if people actually click links within an email.
The average open rate for daily emails is around 65% according to Backstitch. That’s pretty solid. According to the same source, though, the clickthrough rate is much lower; only about 10%.
You wouldn’t be able to know either of those statistics if you send HIPAA reminders through regular intranet emails.
These stats help your compliance efforts in two major ways.
First, you’ll be able to see which employees are the most proactive in regards to your compliance landscape. In other words, you’ll be able to point out staff members who might need additional discussions since they didn’t open your email.
Second, imagine being able to provide an auditor with documentation that not only shows that you send HIPAA reminders but also the granular statistics for each campaign that happened throughout the year. I guarantee that’s something that most healthcare organizations don’t do, especially considering how often breaches from phishing happen.
Create Short Videos
Video continues to grow as one of the most popular forms of content across the entire web.
I don’t need any statistics to back up that point, all I have to do is point to the recent popularity of the bite-sized video social media platform, TikTok.
The current reality is that all of our attention spans continue to decline. According to the Technical University of Denmark, this consistent decline is the result of an abundance of information presented to us.
So, instead of writing a novel’s worth of content for an internal email, you could set your phone up on a tripod, hit record and create multiple HIPAA reminder video segments within a few minutes.
By saying “within a few minutes” I’m referring to how long it will take you to record a series of videos, not the actual runtime of each one you create.
60% of viewers stop watching a video after two minutes.
As a result, challenge yourself to put length restrictions on what you produce. You could go longer than a minute if you wanted to. But, beyond that statistic I just shared, also keep in mind that TikTok grew in popularity by 75% in 2020.
Thus, I regret to inform you that your employees probably have a similar attention span and a TikTok account. Use that information to your advantage.
Create short HIPAA reminder videos that go over a variety of topics in one afternoon and share them throughout the year.
Create and Update Existing Reminder Content
If you’ve noticed, I’ve referred to something marketing related in each section of the blog post. That’s because generating successful HIPAA reminders for your staff follows modern content strategies closely.
Part of any successful content strategy requires updating it once you have a library that’s existed for a while.
As an example, updating blog content is something that every marketer should do. Doing so opens up the opportunity for better search rankings on Google, leading to more traffic to their website.
To be completely transparent with you, about one year from now I’m going to come back to this blog post and update its content. I’ll sit down, conduct more research and come up with some new insight to provide.
If providing successful HIPAA reminders follows a similar strategy to content marketing then you shouldn’t let that content sit stagnant either.
Let’s say you took my advice from the section earlier and made a ton of short videos to send to your staff throughout the year. Within a lot of those videos, you referenced headlines pointing to relevant violations to back up what you said. That’s a good practice, however, a year goes by before you know it and your content isn’t as impactful because you’re talking about outdated events.
Wouldn’t your HIPAA reminders have a bigger impact on your team if they referenced recent breaches on a yearly basis?
Send Interactive Quizzes
If you go on any social media, you’ll see people posting their results to quizzes explaining how their personality type is like their favorite TV show character.
Statistically, 82% of users on social media interact with quizzes posted on the platform.
They’re a fun activity for the user and a great way for organizations to gather information.
Quizzes are so popular that Twitter introduced the functionality in 2015 and TikTok added it recently towards the end of 2019.
If these massively popular social media companies added quizzing as a functionality for their users, it only proves how much people enjoy taking them.
My point after all of this is that you should take advantage of that point to create and send quizzes to your workforce. Of course, the topic for the quizzes you make throughout the year should be HIPAA related. Also, don’t send them to your employees through social media.
Instead, the compliance management software you’re using should provide a way to test the knowledge of your team.
HIPAA’s content isn’t the most exciting. But that doesn’t mean you can’t spin it and relate your questions into more interesting topics. This turns your reminders into an active and fun experience, which is something you’re striving for during your training sessions too.
As Eric Mazur, Harvard School of Engineering and Applied Sciences professor, stated, “Active learning, not passive [learning] makes it impossible to sleep through a class.”
Conclusion
Believe it or not, working under HIPAA requirements is a blessing and a curse.
It’s a curse because of how much the law requires you to adjust how your business runs. But it’s a blessing because a lot of it is open to interpretation. It requires you to send reminders to your staff but it doesn’t say that they have to be boring.
How you send them, what medium you use and what HIPAA topics you cover are all up to you.
That’s a content marketers dream.
You’re creating from a blank slate and your motivation toward making great reminders comes from the fact that you’re saving your organization from a violation by spreading awareness.