This is really no one right answer here. There are plenty of wrong answers and versions of what the right answer could be. Taking what you know about Digital Rights Management and what you know about cybersecurity in general, write a two-page (~500-1000 words) executive brief on how you as a healthcare financial processing institution (credit card processing, health insurance billing, patient payment information, etc.) will abide by this regulation to ensure proper adherence to the law.

report to your CFO what you plan to do to meet the following program guidelines:

• The safeguard rule Financial services companies (which include healthcare systems) and insurance companies must secure personal information for their customers through the use of computer firewalls and encryption, and procedures for safely destroying personal information.
• The financial privacy rule Financial services companies (which include healthcare systems) and insurance companies must inform customers of their privacy policies and how they share personal financial information (privacy disclosure).
• Opting out Financial services companies (which include healthcare systems) and insurance companies must give customers the option to opt-out of sharing some of their personal financial information.