Problem
Imagine that you work in the medical and health care industry as an information technology (IT) manager. What compliance laws and policies should the organization follow to protect the patient's information and allow only authorized personnel to review patient records? Briefly explain why.