In case you wondered why your IT department isn’t reasonable about security, it’s because the penalties aren’t reasonable.
Stolen laptops lead to important HIPAA settlements
Two entities have paid the U.S. Department of Health and Human Services Office for Civil Rights (OCR) $1,975,220 collectively to resolve potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. These major enforcement actions underscore the significant risk to the security of patient information posed by unencrypted laptop computers and other mobile devices.
1.7 Million dollar fine.