All of you are working on HIPAA Security Compliance initiatives, primarily driven by Federal and State requirements. You are motivated by the penalties and remediation costs you could incur with an exposed breach. While HIPAA Security Compliance makes for a reasonable baseline goal, HIPAA security does not go far enough in our mind to lower your risk substantially.
ePHI represents a substantial revenue stream for driven, organized, international hacker groups. According to a recent article, BitSight Technology indicates that a patient EMR sells for about $20. In comparison, credit card data sells for around $1. The purchase and illegal use on the open market of said information can create a life and death situation. For those compromised patients, inappropriate use of their EMR can result in refused service, diagnosis errors, public humiliation, increase cost, and in the extreme, loss of life. While HIPAA Security Compliance can help reduce your risk footprint, it will not eliminate substantial risk in many areas of your operation. It is not a fool proof protective shield against a sophisticated attack. Only through advanced security management, of which HIPAA Security Compliance is a base, will you be able to lower your risk substantially. Not only can Orion Group provide HIPAA Security Compliance leadership and support, but we offer Advanced Security Management technology, process and support for customers seeking this high level of security management practice.
To read the complete article, go here. http://tinyurl.com/oo89czj