Healthcare Informatics Magazine

Study: Non-Compliance Costs Average of $9.4M

February 2, 2011
by root

Tripwire, a Portland, Ore.-based provider of IT security and compliance automation solutions, and the Traverse City, Mich.-based Ponemon Institute announced the results of the first benchmark study to estimate the costs associated with an organization's compliance efforts.

In-depth conversations with 160 business leaders spanning 46 multinational companies in multiple verticals revealed that dedicated investments in compliance activities—to meet common regulations such as PCI, Sarbanes-Oxley and HIPAA—are not only a critical component of a comprehensive enterprise security strategy, but can also offer return on investment over time. The average cost of compliance was found to be more than $3.5 million. However, the cost of non-compliance comes in significantly higher at an estimated $9.4 million, 2.65 times higher than compliance costs.

Data protection and enforcement activities ranked among the most expensive compliance activities, and business disruption and loss of productivity were found to be the most significant consequences for companies that did not achieve or maintain compliance. When addressing external compliance, PCI DSS, state privacy and data protection laws, the European Union Privacy Directive and Sarbanes-Oxley were named as the main drivers for investment in compliance, and also among the most difficult requirements to comply with.

