| Information Security issues are a serious matter that organizations from all industries have to deal with. Healthcare industry is no exception. Personally identifiable healthcare information automated by the healthcare industry can be stolen, intercepted, altered, and misused. Acceptable safeguards, therefore, have to be in place in order to ensure the privacy and protection of this information. Without governmental intervention however, it seems unlikely that the healthcare industry will voluntarily implement such safeguards. Health Insurance Portability and Accountability Act (HIPAA) security rule has emerged and mandated by congress from the need of such intervention. The quantitative, descriptive/correlational investigation in this dissertation was aimed at determining if covered entities in Washington State are HIPAA security rule ready after two years from the compliance deadline, and if the factors identified through the literature review are a hindrance to HIPAA security rule compliance. This research study revealed that HIPAA Security Rule full compliance is far from achieved; many factors have emerged as impediments to the compliance process; and the way to compliance is complex and costly. Tracking the compliance progress within healthcare institutions in Washington State over the last five years revealed that the reaction to the HIPAA Security Rule was strong around the mandated date; the response after the mandated date, however, has been weak. |
