Risk to Healthcare
According to the HIPAA Journal, the average cost of a healthcare data breach is now $9.42 Million.
The IBM Security 2021 Cost of Data Breach Report indicates data breach costs have risen again and are now at the highest level since reporting started 17 years ago.
The healthcare industry leads all of other sectors in average cost per data breach. Adaption of new technologies has resulted in increased vulnerabilities as security and compliance has lagged behind rapid IT changes.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law requiring the creation of national standards to protect sensitive patient health information.
The law modernized the flow of healthcare information, stipulates how personally identifiable information (PII) maintained by healthcare and healthcare insurance industries should be protected from fraud and theft.
It generally prohibits healthcare providers and healthcare businesses from disclosing protected information to anyone other than a patient and the patient's authorized representative without their consent.
The Health Information Trust Alliance (HITRUST) is an organization governed by representatives from healthcare and industry. HITRUST created and maintains the Common Security Framework (CSF) to help healthcare organizations and their providers demonstrate their security and compliance in a consistent and streamlined manner.
HITRUST provides a benchmark - CSF, assessment, and certification process - against which cloud service providers and covered health entities can measure compliance.