I have spoken with a lot of patient privacy auditors and compliance officers, and the most common question that I get is:
“Where do I start?”
They go on to say, "Now that all the data is captured from the different systems that contain PHI, and we have information about the users and patients, what’s next?"
