With the passing of the HITECH Act and the formation of a policing body for HIPAA within the OCR, healthcare needs to move to stronger risk-based security now. This two part series covers the HIPAA/HITECH regulatory evolution and goes through some practical tips cost-sensitive healthcare organizations can take to move towards effective risk management.