49. A reputable healthcare organization is planning its initial steps in implementing its information security project Management is not only aware of the required federal regulations compliance such as Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) but is concerned with the organization's risk management activities The hospital has already done an internal and external vulnerability check

What should healthcare executives prioritize first?

O Design an educational privacy and compliance program for the organization O Strengthen the organization's legal and risk management department O Hold privacy and security team members accountable for their work

O Appoint influential, effective leaders from the organization's staff and physicians to plan, implement, and sustain the privacy and security campaign