HIPAA must have more strict rules to be able to charge companies which don’t comply with it. Now it has many details but it looks like a list of suggestions. When something goes wrong, companies negotiate around these rules and get huge discounts on charges. People may change their leaked username/password and live with it. But this isn’t the case with PHI data. So results must be more serious for the companies.
No comments yet.