The costs to comply with the HIPAA are specific to each organization and are measured by type, size, culture, environment, and risk tolerance. With this in mind, costs involved have been divided into three general categories: Labor (Administrative), Expense, and Capital. Almost all of the privacy standards and 75 percent of the proposed security rule are administrative; therefore, many organizations identify Labor or Administrative as the most costly …show more content…
Expense budgets can be one-time expenses or recurring costs. To prepare readiness and implementation plans organizations may hire consultants, which would be classified as a one-time expense. Lawyers are sometimes necessary to write new contracts and to review policies and procedures to ensure the business is in compliance with the law. The money paid to the lawyers would also be considered a one-time expense. The last example of a one-time expense would be the hiring of or working with vendors that test network vulnerabilities and disaster recovery