ABSTRACT
A comprehensive security awareness program is mission critical for all healthcare organizations. Employees and workforce members lack the skills and experience to recognize and report security problems, take appropriate actions, and behave in a manner that complies with organization policies and practices. A security awareness program gives the employee the knowledge to deal with actual and potential security threats that can be encountered on a daily basis, helping to create and foster a climate in which all employees are accountable for information security. Workforce members must understand that security threats are sometimes neither deliberate nor malicious and are often the result of simple error or negligence, or the result of not adhering to security policies. Workforce members anticipating conflict with an employer, or even termination, may prepare back door access to the computer system, create alternative passwords, or simply stockpile proprietary data for later use or blackmail.
