Patient privacy protection was enacted as law in 1996 with the Health Insurance Portability and Accountability Act, known as HIPAA; however, over the last decade, few physicians fully complied with the law. Of physicians, 70% note they do little to regulate mobile devices as part of their protection of private, patient information. In addition, 31% of the 1,400 surveyed reported that upon implementation, employees receive few rules about how they can use their own devices at work and what security precautions they should take. The easiest method to secure these devices is to install a password and only use encrypted data. Surprisingly, only 61% reported that they back up the data they have. Most providers (69%) have never conducted a risk assessment to determine the vulnerability of their data (Westgate 2014).