© Eric C. Thompson 2017

Eric C. Thompson, Building a HIPAA-Compliant Cybersecurity Program, https://doi.org/10.1007/978-1-4842-3060-2_13

13. Investing for Risk Reduction

Eric C. Thompson

(1)Lisle, Illinois, USA

Limited resources are a fundamental concept of economics, and tough decisions about how to deploy those resources must be made. Examples can include choosing one technology over another, or choosing between technology and head count. This is especially true for cybersecurity programs at healthcare providers, insurance payers, and business associates, where budgets and resources are often limited. This shines a light on why conducting regular risk analysis and assessment exercises is important. Decisions on how to utilize limited resources ...

Get Building a HIPAA-Compliant Cybersecurity Program: Using NIST 800-30 and CSF to Secure Protected Health Information now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.