HIPAA requires medical practices to have a security officer to implement a security awareness program. The Medical Economics network provides advice on how to put together such a program to keep medical practices safe from cyber-threats.