In today’s high-tech, network-connected, and increasingly device-connected (in the “Internet of ings”) world, depending on locking le cabinets and passwords alone to protect the privacy of health information is not feasible. In addition to technology challenges, the laws in force to protect patient information have historically been, and continue to be, very patchwork and greatly diverse under the large collection of state and federal laws and regulations. In the distant past, patient and health information could be distributed without notice for almost any reason, including those not even related to health care or medical treatments. For example, such health information could be passed from an insurer to a lender, who subsequently could deny the person’s application for a mortgage or a loan. e health information could even be sent to the person’s employer, who could then consider it for making personnel decisions.