Six Steps to Insuring Data Privacy: The CIO Blog at InformationWeek has an interesting post outlining six steps for making sure you keep your electronic data private. What's interesting is that the first two are specifically required by the HIPAA Security Rule: you must do a security assessment and risk analysis, and you must appoint a Security Officer. Even the third step is something that, while not exactly on point, has a relevant HIPAA correlary: you must have policies and procedures in place to ensure PHI security. All good ideas.