This short article in Forbes on-line summarizes concerns with compliance to — and related costs — updates in HIPAA (Health Insurance Portability and Accountability Act). As noted, security and privacy are getting more serious with each iteration.
This is no small concern:
The Department of Health and Human Services estimates that the cost of compliance with the final rule will be somewhere between $114 and $225 million (first year) and about $14 million for each year thereafter… the rule qualifies as an “economically significant” one under Executive Order 12866.
The reason for this new level of security is pretty fundamental. Healthcare has had some serious deficiencies through the years and it’s a prime target for identity theft. Not so much for the actual healthcare information but for financial fraud – which is a companion problem in healthcare (to the tune of about $70 billion a year in Medicare fraud alone).