Security Management Strategies for the CIOAccess "Perspectives: Is HIPAA DOA?"
This article is part of the April 2005 issue of Spotlight on the incident response hot seat
Is HIPAA DOA? The long-awaited privacy law's impact is disappointing compared to other security regulations. We've been waiting nearly a decade for the Health Insurance Portability and Account-ability Act (HIPAA) to go into full effect. Now that it has, is it dead on arrival? When compared to Sarbanes-Oxley, HIPAA is a paper tiger lacking the incentives and penalties to fulfill the protection of patients' health records. Of course, it's easy to argue that SOX has more impact because it applies to a broader community of enterprises--publicly traded companies with greater than $75 million in annual revenue. But the issue is more than just scope; it's about consequences. SOX has teeth; HIPAA has fewer penalties and agencies willing to enforce it. As a result, many health care organizations are balking at the massive investments needed to comply with the act, and government agencies are signaling an unwillingness to hunt down noncompliant organizations. Without enforcement, HIPAA lacks real value. The success of SOX compared to HIPAA comes down to the following ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Secure Reads: The Executive Guide to Information Security
Read a review of the book, The Executive Guide to Information Security: Threats, Challenges, and Solutions.
-
Security information management review: Security Threat Manager 3.0
A review of Security Threat Manager 3.0
-
Hot Pick: Sentryware's HIVE 3.0
HIVE 3.0
-
Warning Lights
Evolving risk dashboards will tell how secure you are and when something's wrong.
-
Rights of Passage
Our tests found that most endpoint security products will enforce policy and network access. Their differences are in the details.
-
Secure Reads: The Executive Guide to Information Security
-
-
Intrusion Prevention: Top Layer's Attack Mitigator IPS 5500
Attack Mitigator IPS 5500
-
Antivirus: Kaspersky Anti-Virus Business Optimal 5.0
Kaspersky Anti-Virus Business Optimal 5.0
-
Recent Releases: Security product briefs, April 2005
Learn about the information security products released in April 2005.
-
Ready For Takeoff
Cutting costs was the only way to keep United Airlines flying high. Rich Perez's answer was to rebuild the network.
-
Damage Control
ChoicePoint's Rich Baich faced the perfect storm: a huge security breach, intense media attention and a shareholder revolt. What he needed was an incident response plan to get him out of the hot seat.
-
Intrusion Prevention: Top Layer's Attack Mitigator IPS 5500
-
Columns
-
On The Radar
It Pays to Plan
-
Perspectives: Is HIPAA DOA?
The long-awaited privacy law's impact is disappointing compared to other security regulations.
-
Ping: James Duffy
(ISC)2's James Duffy
-
Editor's Desk: Identity anxiety
FDIC for Identities
-
On The Radar
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...