HIPAA Breaches Cost Small Providers, too!

In a recent article (link) posted by Metropolitan Corporate Counsel, attorneys Luiz Diaz and David Crapo assess the costs associated with HIPAA breaches. Their analysis is based on a review of reports made since the 2009 Notification Rule went into effect.

Since 2009, providers have paid almost $15 million dollars in notification costs for postage, media alerts, toll-free number support, investigative costs and additional mandated reporting.

Responsible entities have also paid significant fines. The largest was $1,215,000 by Affinity Healhcare and the smallest was $50,000 incurred by Hospice of North Idaho for the theft of ONE unencrypted laptop containing only 500 records.

The avoidable costs of a data security or privacy breach are a strong reason for entities covered by HIPAA to put robust privacy and security policies and procedures in place.

Speak Your Mind