As a health care entity, you know one of your biggest priorities is keeping your patient data safe. That’s really what HIPAA/HITECH is designed to do. It’s a set of standards and compliance that you’ve got to follow to protect patient information. It’s also the law, so it’s important that you know what the law states and what it doesn’t so you’re taking the right approach to secure data and be compliant with the law.
Those who choose not to be compliant with HIPAA are subject to a multitude of fines. Some of the statistics we’ve seen suggest that the average cost of a major data breach within a healthcare entity is about two million dollars.
When it’s all said and done, that can extend out to about four million dollars when you look at all of the bad public relations that occurs, because if more than 500 patients are breached, you’ve got to go public and publish it through the media as well as contact every one of those patients who were breached. That’s enough to take down hospitals or physician practices.