Staff at all levels should receive annual confidentiality training covering HIPAA rules and potential ramifications for privacy violations. The training should include reviewing the employee handbook and signing a copy to acknowledge understanding, and use lectures, games and real examples to emphasize respecting patient confidentiality and how personal information disclosure could affect individuals.