The frequency of security audits can vary based on the size and complexity of the healthcare organization, as well as regulatory requirements. However, it is generally recommended to conduct audits at least annually. In addition, random audits can be performed to ensure ongoing compliance and readiness.