According to the HIPAA Privacy and Security rules, total compliance is required of both covered entities (aka any healthcare provider) and business associates (any company that comes into contact with e-PHI
while preforming services for a covered entity, such as our new partner OnRamp as they host Contentverse).
There are significant challenges, but thanks to related DARPA programs POEM, Quasar, ORCHID, PULSE and E-PHI
and other advanced laboratory research, technology is at the tipping point where we re ready to attempt miniaturization of optical frequency synthesis on an inexpensive, small, low-power chip.
The risk assessment is described in the Security Rule as "an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of e-PHI
held by the covered entity.