Creating an FTCA Risk Management Training Plan for the Coming Year

With each year’s fourth quarter, health center teams begin to prepare comprehensive risk management training plans to meet evolving HRSA/FTCA requirements. It’s important to use this time to plan out the coming year’s training to ensure all HRSA and FTCA requirements are met and that training is completed in a timely manner.

Understanding the FTCA Training Requirements

The FTCA program requires health centers to develop and implement a written annual risk management training plan that encompasses all providers and staff. This mandate isn't merely a checkbox exercise—it represents a fundamental commitment to reducing medical malpractice risks and ensuring optimal patient outcomes. The training plan serves as a key Quality Assurance (QA) program for meeting the quality aims for each health center.

Health centers must specify that all providers and staff will participate in risk management training, clearly outline the topics to be covered, and include detailed procedures for tracking and documenting training completion. This comprehensive approach ensures no staff member falls through the cracks and that your organization maintains robust documentation for FTCA compliance reviews.

Essential Training Components

The 2025-01 Program Assistance Letter establishes clear requirements for the upcoming coverage year. Your training plan must incorporate four core components that cannot be optional or substituted:

Obstetrical Risk Management Training remains mandatory for all clinical staff, including Licensed Independent Practitioners (LIPs), Other Licensed or Certified Practitioners (OLCPs), and Other Clinical Staff (OCS). This requirement applies even if your health center doesn't provide labor and delivery services. The training should be discipline-specific—an obstetrician's training will naturally differ from that provided to dental staff or social workers, but all clinical staff must receive appropriate OB-related education.

Infection Control and Sterilization Training must address bloodborne pathogen protocols, infection prevention policies, hand hygiene programs, and equipment sterilization procedures.

HIPAA and Medical Record Confidentiality requirements have evolved with advancing technology and changing patient expectations. Your training may address not only traditional privacy concerns but also emerging issues related to telemedicine, patient portals, artificial intelligence (AI), or other digital health tools.

At least one other Area of High Risk Training should be tailored to your organization's specific clinical profile and risk assessment findings. This might include training on dental procedures, pharmacy operations, telehealth protocols, or other services that present elevated liability risks based on your quarterly risk assessments and claims analysis.

Other areas of required training not mentioned in the FTCA Application guidance (but found elsewhere in FTCA requirements), also include:

• Risk Manager Training

• Board Risk Management

• Medical Record Documentation

• Follow-Up On Adverse Test Results

• Provider-Specific Risk Training

• Basic Life Support Training

Though these are not evaluated during the annual evaluation of the FTCA redeeming application process, it is highly recommended that these areas be included in each health center’s annual Training Plan. See RegLantern’s blog on this topic for more guidance.

Developing Your Training Strategy

The Institute of Medicine has defined quality healthcare in 6 domains:

• Safe Care

• Timely Care

• Effective Care

• Efficient Care

• Equitable Care

• Patient-Centered Care

During the Quality Planning (QP) process, health centers should develop aims for the organization that point to the “target” of quality healthcare. Once those aims are clearly defined, the health center must plan trainings that support those aims. An effective training plan should be informed by actual risks to your organization. It also demands a strategic approach that considers your organization's unique needs, resources, and risk profile.

Your training plan should specify the delivery methods for each component, whether through in-service sessions, online modules, webinars, or combination approaches. Consider the practical realities of staff schedules, clinical demands, and learning preferences when designing your program. Many successful health centers use a monthly assignment approach, providing 30 days for completion of each training module.

Document the training source for each component, whether utilizing HRSA materials, ECRI resources, professional association offerings, or internally developed content. The FTCA program provides flexibility in content selection, but the source and quality of training materials can significantly impact both learning outcomes and compliance documentation.

Each training listed on the Training Plan should clearly define which of the organization’s staff are required to complete each training. Remember, OB Risk Management must be provided to all LIPs, OLCPs, and OCS. Said another way, anyone the health center credentials and privileges should also complete OB Risk Management training every year.

Implementation and Tracking Framework

Effective implementation requires tracking and documentation systems that go beyond simple attendance records. Your Training Plan must detail how training completion will be documented, who is responsible for monitoring compliance, and what enforcement mechanisms exist for non-compliance.

The FTCA Educational Training Tracking Tool provides a standardized format for documenting completion, but your internal systems should capture additional details such as training effectiveness, participant feedback, and competency assessments.

Establish clear timelines for training completion, typically allowing 30 days from assignment for each module. Build in flexibility for new hires, staff on leave, and other special circumstances while maintaining accountability for completion. Your tracking system should generate regular reports for leadership review and provide early warning of compliance issues. It is a compliance requirement for all required training to be completed between January 1 and December 31 of each year. Any trainings not completed within that time period will be considered non-compliant by FTCA.

Addressing Special Populations and Circumstances

For volunteer providers and contracted staff, ensure training requirements are clearly specified in agreements and that completion is documented according to FTCA standards. The alignment between credentialing and privileging lists and training records remains a critical compliance area that HRSA reviews closely.

Consider developing specialized training tracks for different staff roles while ensuring all required topics are covered. Administrative staff may require different HIPAA training content than clinical providers, but the core requirements must be met across all staff categories.

Integration with Broader Risk Management Activities

Your training plan shouldn't exist in isolation—it should integrate seamlessly with your quarterly risk assessments, annual board reporting, and ongoing quality improvement activities. Use findings from your risk assessments to inform training topic selection and content development. When quarterly assessments identify specific risk areas, incorporate targeted training to address these concerns.

The annual risk management report to your governing board should include an analysis of training program effectiveness, completion rates, and the correlation between training topics and risk reduction outcomes. This integration demonstrates the strategic value of your training investments and provides data to support program enhancements. In each Annual Risk Management Report provided to the board, the document should communicate the Training Plan for the coming year as well.

Looking Ahead: Sustainability and Continuous Improvement

As you develop your Training Plan for the next calendar year, consider sustainability factors that will support long-term program success. Invest in training infrastructure that can adapt to changing requirements, whether through learning management systems, partnerships with training providers, or internal capacity development.

Build evaluation mechanisms into your training program that assess not only completion rates but also learning outcomes, behavior change, and impact on patient safety indicators. Regular program evaluation enables continuous improvement and helps justify resource investments to leadership and the board.

Conclusion

Creating an effective FTCA risk management Training Plan requires careful attention to regulatory requirements, organizational needs, and implementation realities. Success depends on viewing training not as a compliance burden but as a strategic investment in patient safety, staff competency, and organizational resilience.

The current regulatory environment presents both challenges and opportunities for health centers committed to excellence in risk management. By developing comprehensive, well-documented training programs that exceed minimum requirements, your organization can demonstrate its commitment to quality care while building robust defenses against potential liability claims.

Start your planning process early (we recommend using the fourth quarter of each year to plan for the next year’s Training Plan), engage stakeholders across your organization, and remember that effective risk management training contributes not only to FTCA compliance but to the broader mission of providing exceptional healthcare to your community. The investment you make in comprehensive training today will pay dividends in improved patient outcomes, reduced liability exposure, and enhanced organizational reputation for years to come.