Attorney David Hanson, a partner in Michael Best & Friedrich and chairman of its healthcare practice group, noted there are people in the health field who think the industry already is spending too much time and money on patient data security - thanks to regulations like the Health Insurance Portability and Accountability Act.
Too much time and money? Yeah, like there hasn't been any data-breeches lately in the health-care sector. Only if you are spending your money stupidly. Only if your time is spent trying to find ways to just barely comply, as a part of a general CYA policy concerning compliance.
Show me a properly designed and fully supported patient data security system. Then bitch about too much time and money. Anybody who thinks this deserves whatever exposure to lawsuit they get.
"It's a strategy, not a policy!"