Until now, the data security provisions of the Health Insurance Portability and Accountability Act received scant attention from regulators, particularly compared to enforcement activity for other federal information security mandates like the Sarbanes-Oxley Act or the Gramm-Leach-Bliley Act.
That is beginning to change, as federal regulators complete their first HIPAA security audit and prepare to issue more detailed compliance guidelines. Compliance executives are starting to take notice.
