PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
April 2005

Perspectives: Is HIPAA DOA?

Is HIPAA DOA? The long-awaited privacy law's impact is disappointing compared to other security regulations. We've been waiting nearly a decade for the Health Insurance Portability and Account-ability Act (HIPAA) to go into full effect. Now that it has, is it dead on arrival? When compared to Sarbanes-Oxley, HIPAA is a paper tiger lacking the incentives and penalties to fulfill the protection of patients' health records. Of course, it's easy to argue that SOX has more impact because it applies to a broader community of enterprises--publicly traded companies with greater than $75 million in annual revenue. But the issue is more than just scope; it's about consequences. SOX has teeth; HIPAA has fewer penalties and agencies willing to enforce it. As a result, many health care organizations are balking at the massive investments needed to comply with the act, and government agencies are signaling an unwillingness to hunt down noncompliant organizations. Without enforcement, HIPAA lacks real value. The success of SOX compared to ...

Access this PRO+ Content for Free!

Features in this issue

  • Warning Lights

    Evolving risk dashboards will tell how secure you are and when something's wrong.

  • Ready For Takeoff

    Cutting costs was the only way to keep United Airlines flying high. Rich Perez's answer was to rebuild the network.

  • Rights of Passage

    Our tests found that most endpoint security products will enforce policy and network access. Their differences are in the details.

  • Damage Control

    ChoicePoint's Rich Baich faced the perfect storm: a huge security breach, intense media attention and a shareholder revolt. What he needed was an incident response plan to get him out of the hot seat.

Columns in this issue