Study: Non-Compliance Costs Average of $9.4M | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Study: Non-Compliance Costs Average of $9.4M

February 2, 2011
by root
| Reprints

Tripwire, a Portland, Ore.-based provider of IT security and compliance automation solutions, and the Traverse City, Mich.-based Ponemon Institute announced the results of the first benchmark study to estimate the costs associated with an organization's compliance efforts.

In-depth conversations with 160 business leaders spanning 46 multinational companies in multiple verticals revealed that dedicated investments in compliance activities—to meet common regulations such as PCI, Sarbanes-Oxley and HIPAA—are not only a critical component of a comprehensive enterprise security strategy, but can also offer return on investment over time. The average cost of compliance was found to be more than $3.5 million. However, the cost of non-compliance comes in significantly higher at an estimated $9.4 million, 2.65 times higher than compliance costs.

Data protection and enforcement activities ranked among the most expensive compliance activities, and business disruption and loss of productivity were found to be the most significant consequences for companies that did not achieve or maintain compliance. When addressing external compliance, PCI DSS, state privacy and data protection laws, the European Union Privacy Directive and Sarbanes-Oxley were named as the main drivers for investment in compliance, and also among the most difficult requirements to comply with.


Topics

News

Report: Healthcare Organizations Struggle with Human Error in Securing PHI

In the first nine months of 2017, unintended disclosure accounted for 41 percent of healthcare data breach incidents, according to a report from specialist insurer Beazley.

Three More Providers Receive 2017 HIMSS Davies Awards

Three patient care organizations have received the 2017 global Healthcare Information and Management Systems Society (HIMSS) Enterprise Nicholas E. Davies Award of Excellence for healthcare technology innovations that improve patient outcomes.

Medtronic, American Well Team Up to Integrate Telehealth Capabilities

Medtronic and American Well announced a partnership to offer a telehealth solution focused on the unique needs of the complex, chronic, co-morbid patient population.

Medsphere Merges with RCM Vendor Stockell

Medsphere Systems Corp., developer of the OpenVista electronic health record, is merging with Stockell Healthcare Systems, which offers a suite of revenue cycle management tools.

Report: Insider Threats to Patient Data Remain Unnoticed

Of the reported healthcare data breach incidents that occurred in September, it took an average of 387 days for healthcare organizations to discover a breach had occurred, according to a report from cybersecurity software company Protenus.

Reports: Ex-Pharma Exec Alex Azar Emerges as Trump’s Top Pick for HHS Secretary

President Donald Trump could be on the verge of tapping Alex Azar, a former pharmaceutical industry executive and George W. Bush administration official, as the next HHS Secretary, according to media reports.