As part of the Certified HIPAA Security Officer Bootcamp and the Certified HIPAA Security Business program, I have been spending quite a lot of time doing research. This research allowed to do an informal assessment of the state of compliance in the United States. Sad to say that what I found was depressing at best. Let me give you a taste of our findings:
We could go on for a while yet there is no reason to do so as our point is to simply state that our overall state of compliance is declining at a time where the risks are increasing. I have actually spent over twenty years researching, resolving problems and creating systems to assist with compliance issues yet I can admit freely that I do not know it all. I have also seen the number of settlements and fines increasing to a point that I’m certain we cannot afford to continue this trend.
On the other hand, there is good news. Most of us still have time to change this trend. It is not going to be easy nor is going to be fast, but it will certainly be worthwhile. Which brings me to my recommendations:
Just plain and simple, our state of compliance is not good, but with the proper training and action plan we can change this trend.