The Health Insurance Portability and Accountability Act (HIPAA) enacted in 1996, mandates standards-based implementation of security controls by all healthcare organizations that create, store or transmit electronic Protected Health Information (PHI) .  Further in May of 2011, the Department of Health and Human Services’ Office for Civil Rights (OCR) published a proposed rule, managed under Read more