According to an analysis by the Health Information Trust Alliance (HITRUST), regulated health care organizations that have reported health information breaches of 500 or more people could cumulatively spend upwards of $1 billion in related costs.
Since the Health Information Technology for Economic and Clinical Health Act or HITECH Act of 2009 came to being, a number of new privacy, security and reporting and non-compliance penalty provisions went into effect. And as summarized by this report from HITRSUT, there have been 108 entities who have reported security breaches since September of last year.
Those breaches comprise about 4 million people and records.
MIAOULIS NOTE: This articles points out an average of $204 per individual breach.