With the proliferation of electronic patient information, hospital administrators, compliance officers,privacy officers and information security officers are required to enforce patient privacy. Motivated by patient-citizen damages from increased healthcare privacy breaches, law-makers across the United States, Canada, and Europe have enacted new regulation protecting patient privacy and penalizing those involved. Snooping, identity theft and general inappropriate access of medical records are now explicitly prohibited. Additionally, a patient's right to know who has accessed their records has been expanded,requiring hospitals and their business associates to account and disclose for personal health information breaches. Beyond putting patients at risk, personal health information breaches are increasingly putting
healthcare organizations at a significant risk of financial, and reputational harm.