From an IT standpoint, the Health Insurance Portability and Accountability Act (HIPAA) is the most challenging regulation for businesses today, according to Ipswitch.
HIPAA, enacted by Congress in 1996 to protect patients’ medical information and confidentiality, was named by almost 40% of respondents as their most difficult compliance regulation.
HIPAA is a comprehensive federal law that affects a wide range of organizations, not only the healthcare and insurance industries.
The Sarbanes-Oxley Act, which states that IT departments must save all electronic records and messages for “not less than five years,” placed second, with nearly 30% naming it the most challenging regulation.
Network administrators were asked what, from an IT standpoint, is the most challenging compliance regulation. The results are:
- HIPAA – 38.2%
- Sarbanes-Oxley – 29.3%
- Federal Information Security Management Act (FISMA) – 9.3%
- Basel III – 8.2%
- Other – 15%
Today, enterprises and organizations around the globe are charged with creating IT systems and processes that enable them to be in compliance with various regulations. Increasingly hefty fines and harsh penalties are imposed upon organizations that are shown to not be in compliance.
Recently, a New England-based hospital paid a $1 million settlement for potential violations of HIPAA regulations. With data breach headlines appearing in the news regularly, organizations are under tremendous pressure to keep their sensitive information secure. Along with fines and penalties, loss of credibility and damage to a company’s brand are also among the consequences.
“Enterprises, financial institutions and health care providers are under intense scrutiny to protect the confidential information of their patients and clients,” said Ennio Carboni, president of Ipswitch Inc.’s Network Management Division. “Regulations are updated regularly, as are the hackers’ and thieves’ methods of exploiting them. Staying up-to-date and within compliance is no easy task. Transparency into the state of a network is paramount to making sure that the infrastructure is also supporting an organization’s effort to remain compliant.”