In 1996 the Health Insurance Portability and Accountability Act (HIPAA) was enacted. The Accountability portion of the law requires that healthcare providers protect the privacy of patient health information and includes security measures that must be followed. Provider success has been mixed and has recently come under intense scrutiny due to the number and size of reportable breaches of health information.

Healthcare organizations are struggling to find ways to manage the risks of massive data breaches, which have proven hard to detect, often taking months to discover. In 1996 the Health Insurance Portability and Accountability Act (HIPAA) was enacted. The Accountability portion of the law requires that healthcare providers protect the privacy of patient health information and includes security measures that must be followed. Provider success has been mixed and has recently come under intense scrutiny due to the number and size of reportable breaches of health information. There are several major contributors to this increase. The first is the passage of the American Recovery and Reinvestment Act of 2009.