Skip to content
IPswitch conducted a recent survey of 100,000 end users who were asked about their most challenging compliance issues. According to the survey, compliance with the Health Information Portability and Accountability Act (HIPAA) was the clear winner for the top spot. Of the 100,000, 38.2% chose HIPAA and second place came in at 29.3% held by Sarbanes Oxley Act (SOX). The next closest competitor for IT concern was compliance with the Federal Information Security Management Act (FISMA) at a mere 9.2.
Let’s focus on HIPAA for this entry. Why are so many concerned about HIPAA? I think this is actually simpler than you might imagine. First of all, the law is ambiguous and almost always changing through interim final rules and final rules being released by the HIPAA regulatory body, HHS. Second, in the past, HIPAA was known as a paper tiger. It roared a whole bunch, sat up in an attack posture and made threats of a punishing result for those who failed to comply. The penalties were maxed at low enough numbers and patients were not allowed individual actions, so that the ROI on compliance simply didn’t make sense. To spend potentially hundreds of thousands of dollars to defend against much lower potential exposure was not an easy sell.
Now, add that prior to the February 2009 passage of HITECH, there were no significant enforcement actions taken between HIPAA’s passage in 1996 and 2009. The utter lack of knowledgeable talent who fully understand the HIPAA Privacy and Security Rules was/is also a problem. After HITECH, there have been several significant penalties levied for failure to comply. These penalties were in excess of a million dollars and one this year was 4.3 million. Believe it or not, in a few cases, people are being sent to jail.
BEWARE…In addition, the liability to individuals and Business Associates used to be limited and corporate officers, managers and others could ignore the regulation with impunity because they knew their company would cover them. Business Associates could just sign an attestation that they would take care of the data they possessed. Today, those Business Associates must comply with the same rules as the Covered Entity and civil & criminal penalties can be levied on individuals for willful neglect or malicious actions. The days of ignoring HIPAA have passed. If you don’t take it seriously you may well find yourself on the wrong side of a prosecution, civil penalty or civil lawsuit.
If you would like to know more about how HIPAA has changed, how it might apply to you, or need assistance, please feel free to call us at 949-428-5000 and ask for Kevin McDonald.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a type of software testing performed by Alvaka after a software patching sequence to ensure that the system is working correctly and to identify any misconfigurations or conflicts within the patched system.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a term used to describe the testing process for servers after patches are applied.