From ADA News:
Mississippi hospital agrees to $2.75 million settlement
its investigation followed UMMC’s report of a stolen laptop. The investigation revealed that information stored on a UMMC network drive was “vulnerable to unauthorized access” via the hospital’s wireless network because users could access a directory that included 328 files containing the electronic protected health information
As with most reported incidents the breach was the result of a stolen computer, not hacked data. There was no evidence that any patient had actually been harmed or that the data potentially at risk on the stolen laptop had been used in a malicious manner. Never the less the hospital was fined $2,750,000. That works out to $275 for each of the 10,000 patients potentially exposed.
If you have an average 3,000 dental patients your fine would be $825,000. Could you survive that?