Warning: HIPAA has teeth and will bite over healthcare privacy blunders

Healthcare organizations that are performing risk assessments as a way to craft patient-privacy policies might want to consider a new potential attack vector: federal regulators. Later this year, the Department of Health and Human Services is expected to start auditing up to 150 health providers at random through December 2012 in an effort to find medical entities that fail to comply with HIPAA and HITECH regulations about how personal data must be handled securely.