1. Outline those organizations considered "covered entities" that have to follow the HIPAA Privacy Rule and those that don't.

2. Stress that HIPAA protection applies to personal health information, regardless whether it is in a paper or electronic format.

3. Enumerate the list of consumer rights under HIPAA.

4. List and emphasize the 18 identifiers that must be removed in order to label patient data "deidentified."

5. Discuss the permitted uses and disclosures of information according to the Security Rule. 6. Emphasize the required administrative requirements for covered entities such as designating a privacy officer.

7. Discuss service disruption and data breaches. Security breaches remain a frequent phenomenon within the healthcare community. Emphasize that frequent information breaches will only aggravate an already contentious area of HIT and cause more regulations. Search on the Internet for the latest data breaches.

8 Describe three categories of authentication: something one knows, something one has or something that one is and provide examples of each one. Perform a web search for cutting-edge methods of authentication such as voice imprints.