How often the security compliance should be reviewed?

Security standard mentioned under HIPAA should be reviewed and modified as needed to continue provision of reasonable and appropriate protection of electronic protected health information. Typically, depending on your organizations size, once in every 6 months is recommended. Also, if there is any major change in process flow, technology set up , staff etc, it is wise to review it.