The Healthcare Insurance Portability and Accountability Act (HIPAA) is one of the more complex regulations in the U.S., due in no small part to the complicated and open-ended nature of the law.
What should companies do? In this case, covered organizations are turning to risk-based assessments to help them support their security approaches.
Here, we will discuss how risk plays a role in the rule of HIPAA law.