ABSTRACT

Each of these pieces of legislation is an attempt to protect consumers. For example, although a major portion of HIPAA is concerned with standardizing how transactions are performed between health care entities, two sections of the HIPAA law are devoted to privacy and security. The HIPAA security-related requirements primarily require companies to have an information security program consisting of various key elements, including security policies and procedures, ongoing risk analysis, certain security technologies, and other provisions. This information security program, along with the privacy provisions, exists to protect the confidentiality of patients’ electronic patient-identifiable information. GLBA is similar to HIPAA and is applicable to the financial services industry.