This week was all about security training. From 2006 - 2008, I was a compliance auditor and HIPAA auditor. I provided HIPAA training to all new employees and annual training to established employees at a medical school and its partner medical practices. I thoroughly enjoyed that job because I was able to help open employee eyes to real security threats.
I remember sitting in the training as a new employee myself years before and now I was on the other side.
What did I learn?
I learned that security training is designed to make you aware and then make you apply. It does no good to train employees about security breaches if I do not share with them how they can make practical use of the information given.
A trainer is only as good as the information that he/she provides and is only as good as the information that is retained.
Employees or attendees should walk away saying "now I know what to do so X doesn't happen to me".
I wish more trainers would transfer knowledge and not just information...
No comments:
Post a Comment