If you think compliance with HIPAA is complex and expensive, non-compliance can turn out to be twice that, and Blue Cross Blue Shield of Tennessee (BCBST) stands as testimony to this fact. On March 13, 2012, the Department of Health and Human Services (HHS) announced that BCBST had agreed to pay a sum of $1.5 million for a HIPAA violation in connection with the theft of 57 unencrypted hard drives which contained the health information of more than 1 million individuals.
But it turns out that this payment made by BCBST to HHS is only the tip of a huge iceberg. The Nashville Business Journal reported that over and above this $1.5 million, BCBST has spent nearly $17 million in investigation, notification, and protection efforts alone. This case proves beyond any doubt that a data breach can cost you significantly more than just a legal penalty. You may end up paying substantial remediation costs and administrative fines.
This sounds a loud warning bell once again, alerting businesses to be mindful of their security policies, procedures, and infrastructure. More than anything else, what businesses need today is a comprehensive security solution that can completely take over the hassles of ensuring security and compliance, and offer the capability to avert threats and prevent any form of data breach from occurring.
eGestalt’s SecureGRC has been designed to do just that. With its built-in support for HIPAA compliance, SecureGRC can ensure that your business is fully compliant with the requirements of HIPAA and can save you from the potentially high cost you may have to pay for non-compliance.