Smaller hospitals don’t get a break from regulators; they have to comply with healthcare laws just as the larger hospitals do.
However, community and regional hospitals typically have far fewer resources to provide the data privacy and security that compliance regulations require. This means their compliance programs may have gaps.
What are organizations with small IT teams to do? How can they create programs that include policies, procedures, ongoing monitoring and remediation efforts to reduce incidents? How can they acquire certified compliance and security savvy and create a culture of privacy, security and compliance?
(Originally appeared in Health Data Management)