Retailers can look to healthcare for lessons in security

With retailers destined to stumble from their tightrope walk between privacy and security requirements and the use of new customer information, it is instructive to look at the implications and consequences of HIPAA privacy and EHR mandates and incentives in healthcare.

Healthcareitnews.com is a veritable legal blog documenting various costs for transgressions by healthcare IT buyers and vendors alike:

Breaches such as one revealed this week can tap both medical and credit card data. A four-year HIPAA breach was also reported in December. As HITN reports:

“HIPAA covered entities and, more recently, business associates can be slapped with up to $50,000 fines per HIPAA violation due to willful neglect that goes uncorrected. Entities could face $10,000 per violation due to willful neglect when the violation is properly addressed.”

Further, the costs of meeting the regulations and requirements can be steep when an implementation simply goes awry, rather than sparking fines or a liability suit. The Maine Medical Center slipped into the red when its Epic EHR implementation went over budget, with nearly $55 million in its latest additional spending required for staff training alone.

Retailers are forced to traffic in sensitive customer data by dictate of the market; healthcare organizations, by the government. But it is likely that laws will be passed to enforce greater penalties for retail transgressions than are paid presently. Both industries will need to further ruggedize systems handling new levels of private customer data.

Relevant Analyst
3Stuart_IMG_1538-cropped-2d254fafdf388a28991290929a3d73767-avatar2

Laura Stuart

Analyst Independent Industry Research

Do you want to speak with Laura Stuart about this topic?

Learn More
You must be logged in to post a comment.

No Comments Subscribers to comment

Latest Research

Latest Webinars

Want to conduct your own Webinar?
Learn More

Learn about our services or Contact us: Email / 800-906-8098