At the end of a very productive and enlightening day, following a presentation that I gave at the Raleigh Tech Security Conference , I was approached by an attendee and asked the following question (for the record, it's paraphrased somewhat). "We've recently begun implementing HIPAA privacy and security policies in our organization", she told me, "and the management [...]
