In this episode we discuss how to take the first steps to building a “culture of compliance” in your organization. Every project has to start somewhere, but where do you start with something as big and complicated as HIPAA? Well, just like the joke goes: “How do you eat an elephant?” “One bite at a time.”

How do you break HIPAA compliance into bite-sized pieces and get your project moving? We have some tips for you.


A culture of compliance exists when an organization establishes standards, rules, and policies that aren’t simply distributed to the workforce. The organization as a whole takes its compliance seriously at a personal level. Each person agrees to abide by the standards, rules, and policies set forth and holds themselves accountable to each other for doing so. This culture can only be accomplished if it extends from the CEO all the way down the organization to the volunteers and/or temporary employees.


  • What is a culture of compliance?
  • What are the parts I need to build a culture of compliance?
    • Established and supported by senior management
    • Integrated into all training and education done for the workforce
    • Programs are designed to reward compliance
    • Sanctions are applied equally to all levels for failure to comply
    • All technology is reviewed and managed with compliance in mind
    • Every decision, project, addition, and subtraction to the business includes considerations for compliance
  • How can you really break HIPAA into small bites?
    • Documentation management plan
    • Business Associates
    • Privacy
    • Security
    • Breach
  • How do I motivate myself to take the first bite of the elephant?
    • Every single week, start with one task that must be completed
      • Policy or procedure reviewed
      • BA evaluated and audited
      • Procedure audited
      • Training class attended
    • Allocate time to complete a task each week
      • It isn’t something you do last; it should be as important as completing your accounting reports, payroll, accounts receivable management, etc.
      • Build the habit or assign it to someone who has the time to apply to getting it done.
    • Build on what you started
      • HIPAA compliance is never “done”