November’s Issue of HFM, the journal for the Healthcare Financial Management Association, features an article authored by Mac focusing on the potential costs associated with HIPAA/HITECH compliance.
One of the most common concerns that we hear from the Information Security leaders that we work with is the lack of financial support for the information security programs that they know they need to employ. This concern is further quantified in many of the surveys of healthcare information security conducted over the past 4 years where security spending is reported, on average, at less than 3% of the annual IT spend. This will simply not get the job done.
In this article, Mac strived to set a measured expectation for HFM subscribers, healthcare finance leaders, as to the costs associated with the current regulatory mandates for IT security in healthcare.
We hope that this article serves to open and further the dialogue that should be happening between IT, compliance, audit and finance to set direction and budget for IT security.