Like other law enforcement agencies, the organizations responsible for enforcing the HIPAA rules (Office for Civil Rights -- Privacy Rule, CMS -- Transactions and Code Sets Rule, TBD -- Security Rule) might very well be overwhelmed. That said, it will come down to HIPAA-covered entities making informed business decisions as to whether or not the short-term benefits of avoiding HIPAA compliance, such as the money, time and resources spent, outweigh the risks of getting caught and the distinct possibility of having their patient's information compromised. Even if the "HIPAA police" are not out on the streets knocking on doors and evaluating compliance efforts, it's just a matter of time before patient information is compromised, lawsuits are filed and covered entities are forced to comply and pay an even higher price.
For more information on this topic, visit these other SearchSecurity.com resources:
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.