LinkedIn
HIPAA compliance is a complex cybersecurity standard with onerous consequences for failure. Securing Protected Health Information (PHI) at rest and in transit is the critical piece that is too often neglected until it leads to breaches of HIPAA requirements.
HIPAA’s Final Omnibus Rule in 2013 doubled the maximum fine for a single violation of HIPAA from $25,000 to $50,000 per compromised patient record. Meaning the potential penalty for failing to secure PHI adequately could run into the hundreds of millions of dollars, even for a breach of just a few thousand records. Adequately securing data per HIPAA requirements is a bet-the-business exercise in security sufficiency and knowing whether security measures were performed to HIPAA’s high standards is a necessity.