---
name: compliance-training
description: Design, deliver, and track mandatory compliance training programs including harassment prevention, data privacy, workplace safety, ethics, and industry-specific regulations. Use when scheduling compliance training, creating training content, tracking completion rates, or ensuring regulatory training requirements are met. Triggers on phrases like "compliance training", "mandatory training", "harassment training", "safety training", "ethics training", "data privacy training", "anti-corruption training", "regulatory training", "training completion", "training deadline", "compliance curriculum", "annual training".
---

# Compliance Training

Design and manage mandatory compliance training to meet legal requirements and organizational standards.

## Workflow

1. Identify requirements: Legal, regulatory, industry, and internal policy training needs.
2. Develop curriculum: Content creation, format selection, localization.
3. Deploy training: Assignment, scheduling, delivery, reminders.
4. Track completion: Monitoring, reporting, follow-up on non-completers.
5. Assess effectiveness: Knowledge checks, behavioral indicators, incident tracking.
6. Update annually: Regulatory changes, incident learnings, content refresh.
7. Document and audit: Completion records, training materials versioning, audit readiness.

## Training Requirements by Category

```
MANDATORY COMPLIANCE TRAINING CATALOG
=======================================

CATEGORY 1: WORKPLACE HARASSMENT AND DISCRIMINATION
  Frequency: Annual (biennial in some states like California)
  Audience: All employees; supervisors receive additional training
  Topics:
    → What constitutes harassment (quid pro quo, hostile environment)
    → Protected classes (federal and state-specific)
    → Reporting procedures (multiple channels, no retaliation)
    → Bystander intervention
    → Manager responsibilities: Address complaints, prevent retaliation
    → Company policies and consequences
  Requirements:
    → California: AB 1825 (2 hours supervisors, 1 hour employees)
    → New York: Prevent Sexual Harassment (annual, state-approved)
    → Connecticut, Delaware, Illinois, Nevada, Vermont: State-specific requirements
  Format: Interactive online module with scenario-based learning

CATEGORY 2: WORKPLACE SAFETY (OSHA)
  Frequency: Annual; role-based for specific training
  Audience: All employees; additional for safety-sensitive roles
  Topics:
    → General workplace safety (slips, trips, falls, ergonomics)
    → Emergency procedures (evacuation, fire safety, first aid)
    → Incident reporting
    → Hazard communication (GHS, SDS)
    → PPE requirements (role-specific)
  Role-specific additions:
    → Warehouse: Forklift, lockout/tagout, confined space
    → Lab: Chemical handling, biosafety
    → Field work: Travel safety, weather emergencies
    → Office: Ergonomics, emergency evacuation
  Requirements:
    → OSHA 10-hour (construction/general industry) for applicable roles
    → State plan states may have additional requirements

CATEGORY 3: DATA PRIVACY AND SECURITY
  Frequency: Annual
  Audience: All employees; additional for data handlers and IT
  Topics:
    → Data classification (public, internal, confidential, restricted)
    → Phishing and social engineering awareness
    → Password security and multi-factor authentication
    → Data handling procedures (PII, PHI, financial data)
    → Incident reporting (breach notification)
    → Remote work security
  Regulatory additions:
    → HIPAA (healthcare employees): PHI handling, minimum necessary
    → GDPR (EU employees/data): Data subject rights, consent, breach notification
    → SOC 2: Organizational security commitments
    → PCI-DSS (payment card handling): Card data protection

CATEGORY 4: ETHICS AND BUSINESS CONDUCT
  Frequency: Annual
  Audience: All employees; enhanced for finance, procurement, sales
  Topics:
    → Code of conduct overview
    → Conflicts of interest (personal, financial, external employment)
    → Gifts and entertainment policy
    → Anti-bribery and anti-corruption (FCPA, UK Bribery Act)
    → Financial record accuracy
    → Whistleblower protection and reporting
    → Social media and public communications

CATEGORY 5: INDUSTRY-SPECIFIC COMPLIANCE
  Frequency: As required by regulation
  Examples:
    → Finance: SOX, AML/KYC, Reg BI, suitability
    → Healthcare: HIPAA, Stark Law, Anti-Kickback
    → Manufacturing: Quality management (ISO), environmental compliance
    → Education: FERPA, Title IX, Clery Act
    → Government contractors: FAR/DFARS, cybersecurity (NIST)
    → Food/beverage: Food safety (FDA), alcohol service

CATEGORY 6: EMPLOYEE RIGHTS AND LABOR LAW
  Frequency: Annual (or as required by state)
  Topics:
    → FMLA, ADA, FLSA basics
    → Wage and hour laws (exempt vs. non-exempt)
    → Leave entitlements
    → Anti-retaliation
    → Worker classification (employee vs. contractor)
    → State-specific requirements (paid sick leave, minimum wage, etc.)
```

## Training Deployment

```
TRAINING ROLLOUT PROCESS
=========================

PLANNING (Q4 for following year):
  → Review regulatory changes: Federal, state, local updates
  → Update content: Refresh scenarios, add new requirements
  → Set deadlines: Completion due dates by employee group
  → Communicate: Advance notice of training requirements and deadlines
  → Technical prep: LMS configuration, course publishing, assignments

DEPLOYMENT:
  → Assign courses: Based on role, location, regulatory requirements
  → Launch window: Open courses, send invitations
  → Reminder schedule:
      Week 1: Launch notification
      Week 2: Progress check
      Week 3: Deadline reminder (7 days out)
      Week 4: Final notice (48 hours before deadline)
      Post-deadline: Escalation for non-completers

DELIVERY MODES:
  → Self-paced online: LMS-hosted modules (primary method)
  → Instructor-led: Virtual or in-person for interactive topics
  → Micro-learning: Short modules for quick compliance topics
  → Just-in-time: Triggered by specific events (new hire, promotion, incident)
  → Blended: Online module + in-person discussion (harassment, safety)

TRACKING AND REPORTING:
  → Real-time dashboard: Completion rates by department, location, role
  → Automated reports: Weekly status during deployment window
  → Manager visibility: "Your team completion status" notifications
  → Escalation workflow:
      Day 1 past deadline: Automated email to employee + manager
      Day 5: HR notification, manager coaching
      Day 10: Formal notice to employee
      Day 15: Disciplinary action per policy (if no valid excuse)

COMPLETION VERIFICATION:
  → Knowledge checks: Quizzes at module end (minimum passing score: 80%)
  → Certificate of completion: Generated automatically
  → Attestation: Employee acknowledges understanding of policies
  → Record retention: 3–7 years (varies by regulation)
```

## Training Effectiveness Assessment

```
EVALUATION FRAMEWORK (Kirkpatrick Model)
=========================================

LEVEL 1: REACTION
  → Post-training survey: Relevance, engagement, clarity
  → Net Promoter Score: "Would you recommend this training?"
  → Completion rate and time-to-complete

LEVEL 2: LEARNING
  → Pre/post knowledge assessment: Score improvement
  → Scenario testing: Apply knowledge to hypothetical situations
  → Skill demonstrations (for safety, hands-on topics)

LEVEL 3: BEHAVIOR
  → Manager observation: Application of learned behaviors
  → Incident tracking: Reduction in harassment claims, safety incidents, data breaches
  → Survey data: Changes in psychological safety, reporting behavior
  → Audit results: Compliance findings, corrective actions

LEVEL 4: RESULTS
  → Reduction in compliance violations and associated costs
  → Improved audit scores and regulatory standing
  → Lower litigation risk and insurance premiums
  → Cultural metrics: Trust, psychological safety, reporting rates

ANNUAL REVIEW:
  → Aggregate all levels of assessment
  → Identify topics needing content improvement
  → Benchmark against industry standards
  → Report to leadership: Compliance status, risk exposure, improvements
  → Update training plan for next year
```

## Integration Points

- LMS (Learning Management System): Course hosting, assignment, tracking, reporting
- HRIS: Employee data sync, role/location-based assignment, completion records
- Assessment tools: Quizzes, surveys, knowledge checks
- Communication platforms: Training reminders, completions notifications
- Compliance management systems: Regulatory tracking, audit documentation
- Incident management: Correlation between training completion and incident reduction
- Certification bodies: Accredited training programs, external credentials

## Edge Cases

- **Global workforce**: Localization (language, culture); jurisdiction-specific requirements; varying deadlines
- **High turnover**: New hire compliance training within first week; backfill training gaps
- **Non-completers**: Valid excuses (leave, disability, travel); make-up scheduling; disciplinary escalation
- **Content fatigue**: Engaging formats; scenario-based learning; avoid "death by compliance"
- **Accessibility**: WCAG-compliant training materials; ADA accommodations for disabilities
- **Unionized workforce**: Contract-defined training requirements; union notification of new training