Monthly Archive: May 2014

Utilize 4 Steps to Maximize Training ROI

When aiming to optimize ROI efforts in training, companies should not overlook the benefits of instructor-led training and professional development courses.Most companies invest in training and development of staff for improved success, regardless of the industry. However, instructor-led training in the workplace costs both time and money, and managers run the risk of wasting valuable resources if they do not see significant returns on their investments in training.

CSO Insights (Chief Sales Officer Insights), a market research firm, conducted a performance optimization study that sought to measure investments in training, focusing on the pitfalls that can interfere with success. The study concluded that there are processes in place at many organizations that can have a negative impact on training ROI.

Random process. When companies use an unorganized approach to conducting business, it can certainly impact the value of training. Rather than adhering to company standards and processes, individuals often end up following their own protocols for completing assignments or marketing products, instead of what they learned in class.

Informal process. Even in businesses that invest in training programs, actual learning retention can hit significant snags following completion of the courses if there is no formal process for monitoring results. Although the skills taught in these classes can be beneficial, lack of monitoring or measurement by managers leaves them unable to ascertain if the learning has been retained and is being used on the job.

Formal process. Some companies do have their own training protocols to reinforce skills for use in real-life scenarios in the workplace. In these organizations, specific managers perform periodic reviews to determine the efficacy of the information learned and then make changes to training based on their analysis. While an improvement on the previous two processes—Random and Informal—it is not necessarily a systemic or dynamic approach.

Dynamic process. Organizations that reap the most benefit from training provide continuous feedback to employees to ensure that useful skills are being applied. They also keep an eye on changes in the marketplace or business and adapt systems as necessary.

Following the teachings of Donald Kirkpatrick ensures that businesses are more likely to get “bang for the buck” from their training expenditures.

Following the 4 Levels of Evaluation

As the former president of the American Society for Training and Development, Kirkpatrick had extensive experience developing standards that optimized training programs. In 1959, he published his first works on effective professional education in Training and Development Journal, called the “Four-Level Training Evaluation Model.” Since its initial release, Kirkpatrick’s four levels have been updated twice, once in 1975 and once in 1994 when he published one of his most well-regarded pieces, “Evaluating Training Programs.” Since then, his works have guided effective training exercises in the corporate environment. Kirkpatrick’s lessons involve four essential levels of evaluation:

Level 1: Reaction Determine participants’ thoughts and feelings about the program to capture overall satisfaction with the experience.

Level 2: Learning Gauge the increase of knowledge and skills as a result of the course.

Level 3: Behavior Measure the retention of information and its application in the work environment.

Level 4: Results Assess changes and how beneficial the improvements have been to the organization.

With today’s fast-paced and changing economy, the old guard methods of learning and development have become obsolete. Level 1 feedback forms are helpful but insufficient to conclude that the training has been effective. The real ROI is what happens when employees are back on the job – three months, six months and a year down the line. Learning, behavior and retention must be evaluated at subsequent post training intervals.

Achieving multi-million dollar success

Several years ago, a world renowned international technology company hired Merit Career Development to improve the skills of its sales force. Merit’s powerful training techniques and tools enabled the employees to close several deals worth millions of dollars within six months of completing the course. The financial impact was significant as they earned substantial profits for the company. The program is now used around world for hundreds of participants per year.

With its fully customizable courses that can be tailor-made to fit any business, Merit ensures that its clients receive the highest possible ROI on all its professional training programs. To learn more, review Merit’s course list or contact Merit today.


© 2014 Merit Career Development. All rights reserved. For more information, please contact Jim Wynne at jwynne@MeritCD.com.

Permanent link to this article: http://meritcd.com/blogs/utilize-4-steps-to-maximize-training-roi/

$4.8 Million, Highest Fines Issued by HHS to Date

ePHI breach on internetMay 2014

The Department of Health and Human Services (HHS) entered into settlements totaling $4.8 million with New York-Presbyterian Hospital (NYP) and Columbia University Medical Center (CU) for failing to implement appropriate administrative and technical safeguards to secure the ePHI of approximately 6,800 patients[i]. This is HHS’ highest financial sanction issued to date as a part of breach settlement agreements, confirming its commitment to enforce HIPAA compliance.

Breach Report, Investigation and Findings

NYP and CU received a complaint from an individual who found confidential health information (ePHI) including status, vital signs, medications, and laboratory results of a deceased relative, a former NYP patient, on the Internet. The HIPAA regulations require such ePHI be maintained in secure systems and kept confidential. In accordance with HIPAA requirements, they submitted a joint report of the complaint to HHS dated September 27, 2010 resulting in an investigation by HHS’ Office of Civil Rights (OCR).

OCR’s investigation found that NYP and CU have a joint healthcare services arrangement wherein CU faculty members work as attending physicians at NYP. To support the services, NYP and CU operate a shared data network including firewalls administered by employees of both entities with shared links to NYP patient information systems.

OCR identified the breach to have occurred when a CU physician employed to develop applications for both entities attempted to de-activate a networked server containing NYP patient ePHI. Due to a lack of technical safeguards in place on the network, the de-activation attempt resulted in NYP ePHI becoming accessible to internet search engines.

OCR found that neither NYP nor CU could demonstrate that its servers were secure or contained software protections prior to the breach. OCR found an additional lack of administrative safeguards, specifically that neither entity had conducted a risk analysis to identify all systems with access to NYP’s ePHI or had a risk management plan in place to address potential hazards or threats to the security of its ePHI.

Finally, OCR found that NYP failed to implement its own technical safeguards including procedures for authorizing access to its databases and information access management processes. In addition to the financial sanctions, NYP and CU agreed to a corrective action plan requiring implementation of the administrative and technical safeguards and to monitor compliance with regular reports back to HHS.

Increased HHS Enforcement of HIPAA Compliance

This action gives notice to Covered Entities and Business Associates that HHS has heightened its enforcement efforts since the enactment of HITECH and the HIPAA Omnibus Rule.

It is imperative that a healthcare organization ensure that its workforce understands the privacy and security regulations, not just completes rote training programs, and recognizes the impact that non-compliance—from even one employee—can have on an organization.

The mandated HIPAA safeguards must be in place to identify risks and threats to ePHI and patient information systems, including insider threats from its own workforce. The safeguards must be regularly monitored through risk analysis as a part of a comprehensive risk management program.

Click here to learn how to mitigate these risks with an organization-wide risk analysis.


[i] See http://www.hhs.gov/news/press/2014pres/05/20140507b.html


© 2014 Merit Career Development. All rights reserved. For more information, please contact Jim Wynne at jwynne@MeritCD.com.

Permanent link to this article: http://meritcd.com/blogs/4-8-million-highest-fines-issued-by-hhs-to-date/

Optimizing ROI in Sales Force Training Programs

Sales presentationA CFO, nervous about the cost of sales training, argues with the CEO. “What if we pay for all this training and these employees leave?” the CFO asks. The CEO replies, “What if we don’t pay for the training and they stay?”

Although the story from Peter Baeklund illustrates an old business witticism, when it comes to optimizing sales performance, effective training with significant return on investment is the key to success. For the company to see true ROI, the tools and skills learned in the classroom need to be transferred into the work environment where employees can use them to make the sales.

Taking the right steps

Donald Kirkpatrick, former president of the American Society for Training and Development, first published his Four-Level Training Evaluation Model in the Training and Development Journal in 1959. It was subsequently updated twice, once in 1975 and again in 1994 when he published one of his most well-known pieces, “Evaluating Training Programs.” Since then, his works have guided effective training exercises in the corporate environment. Kirkpatrick’s lessons involve four essential levels of evaluations:

  • Reaction: capturing participants’ satisfaction with the experience immediately following training, gauging initial thoughts and feelings about the program
  • Learning: Measuring the increase in knowledge of skills as a result of training
  • Behavior: Assessing retention and whether participants can apply what they have learned in the workplace
  • Results: Addressing changes in performance and how the improvements have benefited the organization.

With today’s fast-paced and changing economy, the old guard methods of learning and development have become obsolete. Feedback forms don’t tell us if the training has been effectively retained. The real ROI is what happens when employees are back on the job – three months, six months and a year down the line. Learning, behavior and retention must be measured by then.

The sales force is integral to a company’s success and requires extensive training to adequately market its products and services. Sales employees must have a variety of selling techniques under their belts. For example, selling to a CFO or other C-level executive requires a significantly different approach than selling to an entry-level purchaser.

Current training modules need to reflect these differences. The challenge is helping sales professionals communicate clearly and effectively with high-level executives, cutting out technical jargon that can get in the way and listening to the client’s needs. More advanced and updated forms of training are needed to bolster the performance of the sales team, which in turn could result in an improved bottom line.

Achieving multi-million dollar success

A world renowned international technology company hired Merit Career Development to improve the skills of its sales force. Merit’s powerful training techniques and tools enabled the employees to close a deal worth millions of dollars in transactions within six months of completing the course. The financial impact was huge as they earned a substantial amount of profits for the company.

Much of the training entailed developing pitches and proposals targeted to high-level executives without the need for convoluted vocabularies. Simplifying the language allows a pitch to appeal to multiple audiences and makes the information accessible to a large range of potential buyers. The program is now used around the world for hundreds of participants per year.

With its fully customizable courses that can be tailor-made to fit any business, Merit ensures that their clients receive the highest possible ROI on sales programs. To learn more, review Merit’s course list or contact Merit today.


© 2014 Merit Career Development. All rights reserved. For more information, please contact Jim Wynne at jwynne@MeritCD.com.

Permanent link to this article: http://meritcd.com/blogs/optimizing-roi-in-sales-force-training-programs/

Minimizing Communication Breakdowns in Project Management

Business-team-coaching-Toronto-Julie-MortonPrevent communication breakdowns from derailing or delaying project management efforts. To do this, focus on the three specific areas that are responsible for the majority of miscommunications in project management.

Successful project management cannot be achieved when team members do not understand or retain material being presented. Project managers face their greatest challenges when dealing with poorly defined requirements and communication. When critical information gets misconstrued during the course of an assignment, significant errors can occur. If found too late, these can result in diminishing productivity, wasting resources and very expensive mistakes that are difficult to correct.

To ensure that project management requirements are met in the initiation and development phases, effective communication techniques are needed.

Managers may face three distinct types of problems during the course of a project: offsets in experience, English as a second language environments and varying employee backgrounds.

1. Experience offsets

Communication difficulties can arise when the project’s participants have varying  levels and types of experience relevant to the business world. Entry-level employees may experience challenges when working alongside senior leadership executives and high-ranking associates. And vice versa.

“Communication is more than just the transmission of messages, words and ideas; it embodies the creation of meaning between individuals,” says John Juzbasich, CEO of Merit Career Development. “To do that we rely upon our experience to create and construct meaning from the words we hear.”

Often, new employees and veterans engage in conversations that appear beneficial and productive initially, but they may walk away with different understandings of what transpired.

What to do. Leaders should assess—and address—this risk upfront during the planning stage of the project. Finding ways to cross-train team members ensures that information is being delivered adequately and concisely throughout the assignment.

2. ESL environments

Every project management team can encounter English-skill level discrepancies, especially within companies working in a global environment. When employees are unable to understand one another at a basic level, communication becomes futile.

What to do. Rather than attempt to navigate vocal challenges, leaders should utilize chat technologies that allow for translations. This can facilitate ESL environments and prevent any breakdowns in communications that might interfere with the success of the project.

3. Varying backgrounds

Some of the biggest communication problems arise when team members are trained in different areas of the business. This happens frequently when cross-functional teams are tasked with company-wide initiatives and represent IT, HR, Finance and Customer Relations, for example. Employees within these different niches may struggle to communicate, since they may have language or jargon that is unique to their work.

Project managers have to be sure that nothing gets lost in translation between disparate functions. They must seek to understand the meaning of the communications presented by each team member and develop effective language skills that will be understood and relevant to all.

What to do. Kick-off the team initiatives on the right foot by providing insight into the objectives, backgrounds and contributions made by each area represented. Visuals may help clarify this important step in the communication process.

Other Important Tips to Assure Better Communications

Through techniques such as open-ended and clarifying questions, restatement, reflecting and paraphrasing the project manager’s instructions, team members can develop a clear understanding of the message and project requirements.

The end-users should be the focal point of the message, not the sender. The manager should be looking at the big picture in addition to the minute details. Too many project leaders put communication at the bottom of their priorities, which can lead to short messages that are difficult to interpret.

Merit Career Development provides a range of project management workshops that are managed by experts to yield the greatest results possible. Each one delves into its specific topics with in-depth tools and techniques to ensure that communication flows freely between participants. Every workshop can also be customized to meet the training needs of companies and tailored to specific environments. Review a course list or contact Merit to speak with a professional today.


© 2014 Merit Career Development. All rights reserved. For more information, please contact Jim Wynne at jwynne@MeritCD.com.

Permanent link to this article: http://meritcd.com/blogs/minimizing-communications-breakdowns-in-project-management/

HIPAA Privacy and Security, Perfect Together

PrivacyIn this era of HIPAA enforcement, it is important to understand the fundamental role of the privacy regulations. Privacy outlines the big picture for compliance. Failing to understand and implement privacy’s administrative, technical and physical safeguards can be a costly miscalculation.

Privacy regulations have been in effect since 2003 and are updated regularly on the Department of Health and Human Services’ (HHS) website.

These regulations list compliance requirements for protected health information (PHI) in all formats (oral, paper or electronic). Security regulations are a subset of privacy limited to PHI in electronic format (ePHI). Privacy encompasses the big picture for compliant access, use, and disclosure of all PHI, including ePHI. Investing the staff, resources and time necessary to meaningfully implement privacy regulations is the entrée to compliance and a prudent business decision.

Prior to 2009, regulated organizations were primarily self-monitoring. The lack of outside accountability precipitated the major investment of staff and resources allocated for HIPAA compliance being directed towards building and supporting electronic health records systems. Fewer resources were dedicated to the less concrete, yet more comprehensive, role of privacy. Responsibility for patients’ and clients’ rights; uses and disclosures of PHI; role-based access issues; business associates; and other privacy issues were disbursed over many departments. This resulted in insufficient compliance, lax oversight and a high occurrence of violations.

HITECH’s enactment in 2009 refocused HIPAA enforcement on the privacy regulations.

HITECH mandates the implementation of complaint and breach report procedures, requires accountability for management of PHI, establishes higher sanctions for violations including a new category for willful neglect, and initiated a random audit program for an expanded list of regulated organizations by HHS’ Office of Civil Rights (OCR).

More federal and state regulatory agencies, including FTC and states’ attorney generals, now coordinate with HHS’ enforcement actions. Their websites regularly post results of enforcement actions as notice and guidance for regulated organizations. Most violations settle with corrective action plans (CAPs); some include fines tipping millions of dollars.

Many CAPs require hiring auditors to monitor and report to HHS on CAP compliance, particularly revising policies and procedures and workforce training programs (basic privacy administrative safeguards) over a period of years. As the following three cases from HHS’ website confirm, HHS is serious about privacy compliance.

Cignet Health failed to respond to requests of 41 patients to access their medical records, a right guaranteed by privacy regulations. These patients filed complaints directly with HHS. OCR investigated and demanded release of the records. Cignet failed to cooperate or engage in any reasonable resolution. OCR then subpoenaed the records; Cignet did not comply. OCR’s subpoena was enforced by the District Court whose Final Determination mandated their release, levied a $1.3M fine for its breach of patients’ privacy rights and an additional $3M fine for willful neglect of privacy regulations and failure to cooperate with OCR. It took a $4.3M fine for Cignet to implement privacy regulations.

RX bottlesCVS Caremark (CVS) incurred a $2.25M fine for disposing PHI on labels of medication vials and old prescriptions with its regular trash. Privacy regulations confirm that CVS is responsible for its PHI from creation until its secure destruction. Unsecured trash containers are an all too common source of confidential information for identity thieves today. This issue was the focus of a local news investigation which reported on CVS’s trash disposal practices. FTC coordinated with OCR’s investigation addressing consumer protection issues. CVS agreed to a CAP which included a $2.25M fine and required it to implement policies and procedures for secure disposal of PHI as well as accountability procedures for staff violations, and workforce retraining programs throughout the corporation. CVS was also required to retain an independent auditor to report back to HHS on its CAP compliance for a three year period. Further, CVS was subject to FTC monitoring for 20 years.

photocopierAffinity Health Plan paid a $1.2M fine for failing to erase PHI from photocopier hard drives before returning the photocopiers to its leasing agents. CBS news uncovered the breach as a part of an investigative report wherein it purchased a photocopier previously leased by Affinity and analyzed its hard drive. It contained the PHI of over 300,000 of Affinity’s patients, the type of PHI protected directly by the privacy regulations. Affinity self-reported the breach to HHS, notified its clients, and agreed to a CAP requiring revision of policies and procedures and workforce training programs, completing regular internal risk analyses to identify threats and vulnerabilities to its PHI, and implementing a plan including technical safeguards to purge and dispose of PHI in all formats in a private and secure manner. The CAP also required Affinity to use its best efforts to retrieve all hard drives returned previously to leasing agents.

These are costly errors for regulated organizations’ failure to implement privacy regulations into their compliance plans. Patients and the public are aware and looking for violations. OCR audits are scheduled to start up again in October 2014 but violations can generate an OCR contact at any time. Privacy regulations, at a minimum, require organizations to remain on top of the flow of all PHI, including ePHI, under its control from the time of its creation, throughout its lifespan, to its secure destruction. Don’t miss the big compliance picture by a myopic focus on ePHI.


© 2014 Merit Career Development. All rights reserved. For more information, please contact Jim Wynne at jwynne@MeritCD.com.

Permanent link to this article: http://meritcd.com/blogs/hipaa-privacy-and-security-perfect-together/