The Health Insurance Portability and Accountability Act is a lengthy and arguably cumbersome maze of rules and requirements. Because it's your organization's job to stay compliant, it may seem like a daunting task. Of course, your first step is to fully train all employees on both the HIPAA Privacy and the HIPAA Security rules. Beyond that, it's the organization's job to conduct a formal risk analysis and to ensure that the necessary information safeguards are in place. These steps: the risk analysis and the administrative, technical and physical safeguards, will greatly limit the risk of a breach. And, if a breach occurs, can limit or mitigate any fines imposed by the Office of Civil Rights- the enforcement arm of the U.S. Department of Health and Human Services, or HHS. In this course, we're going to talk through HHS recommendations regarding safeguards.