Marianne Kolbasuk McGee writes:
The United Kingdom and the United States are both cracking down on healthcare organizations that have experienced information breaches. But they’re taking very different approaches.
In the U.K., the emphasis is on publicizing frequent financial penalties, often for relatively small breach incidents. In the U.S., the focus has been on announcing less frequent “resolution agreements” that spell out a corrective action plan for preventing future breaches and include sizable financial settlements as well(see: A Close Look at U.S., U.K. Penalties).
Read more on GovInfoSecurity.