Where do I start? Advice for Guard customers from a compliance professional
Overview
One of the most common questions new Compliance Officers or team members ask is:
“Where do I start?”
Healthcare compliance can feel overwhelming: multiple regulations, limited resources, and pressure to get things right. This article, written by one of our compliance professionals, provides a practical starting point and guidance on how to use The Guard to begin your compliance journey.
Where Do I Start With Compliance?
There is no wrong place to start
Compliance touches many parts of an organization, so anywhere meaningful is a good place to begin.
To gain momentum quickly, many experienced compliance professionals recommend starting with:
- One area of opportunity (a known gap)
- One area of success (something working well that builds confidence)
This dual approach helps you build understanding while gaining early wins.
Practical First Steps
1. Understand your environment
Gather information from:
- Policies and procedures
- Team members involved in daily operations
- Prior audits or risk assessments
- Existing documentation inside The Guard
2. Use The Guard to guide your workflow
The Guard provides a structured path to begin building or improving your compliance program.
You can start in areas such as:
Playbooks
Begin with the HIPAA Playbook or another framework.
Playbooks act like workplans—guiding you step-by-step through assessments, safeguards, and remediation tasks.
Programs
Assess whether Controls are met, partially met, or not met.
Programs surface gaps and automatically recommend remediation tasks.
Policies
If you have an urgent need—like updating a Privacy Policy—you can begin your work inside the Policies & Procedures module.
Training
Launch or refresh Security Awareness Training or other required modules for your workforce.
Risk Assessments
For OSHA or HIPAA, you can start with focused risk assessments to identify high-risk areas quickly.
Each module provides clear next steps and evidence tools to help you document your work.
Building Engagement With Your Organization
Many new compliance professionals struggle with team buy-in. One effective strategy is to:
- Explain that you are assessing where compliance can benefit the organization most
- Reassure teams that no one "sent you" to investigate their department
- Focus on understanding processes first, not judging them
This approach reduces resistance and builds trust early.
Helpful Advice for New Compliance Teams
Give yourself grace
Even strong compliance teams cannot review every risk, policy, or process every year. Compliance is a marathon, not a sprint.
Compliance is everyone’s job
You may lead the program, but you cannot—and should not—do everything alone.
Engage others by:
- Assigning tasks
- Creating cross-departmental workgroups
- Sharing responsibility for risk mitigation
Focus on your highest risks first
Use your limited time and resources where they matter most.
Document everything
Most organizations are doing more than they realize.
Capture:
- Informal training (shadowing, coaching)
- Daily workflow improvements
- Safeguards already in place
All of these can be added to The Guard as evidence.
Celebrate wins
Recognize employees who model compliant behavior.
Celebrate incremental progress—it creates momentum and supports a positive compliance culture.
Summary: The Best Places to Start
If you aren’t sure where to begin, start with one of these:
A Playbook (e.g., HIPAA Playbook)
Clear step-by-step guidance + recommended tasks.
A Risk or Program Assessment
Reveals gaps and directs your next actions.
Policies
If something urgent is needed, start there.
Training
Fastest way to improve workforce readiness.