Any organization that holds medical records or other healthcare-related sensitive data needs to consider legislation and organizations that govern the privacy of those records. In this case, we are referring to HIPAA, the Health Insurance Portability and Accountability Act, and HITRUST, the Health Information Trust Alliance. These two acronyms are incredibly important for healthcare providers in the United States to understand.
Despite what detractors say, regulations are in place for good reason. They typically protect individuals from organizational malfeasance. Many of these regulations are actual laws passed by a governing body and cover the entire spectrum of the issue, not just the data involved. The ones that have data protection regulations written into them mostly deal with the handling and protection of sensitive information. For organizations that work in industries covered by these regulations there are very visible costs that go into compliance. Today, we look at the costs incurred by these organizations as a result of these regulations, and how to ascertain how they affect your business.