The U.S. financial industry sets guidelines by providing incentives for businesses to protect their personal financial information. Some examples of confidentiality are “. California's Security Breach Notification Act, the Children's Online Privacy Protection Act, the Fair Credit Reporting Act, and the Family Education Rights and Privacy Act” (Johnston and Warkentin, 2008). These privacy policies help companies protect human rights and business financing. One of the major driving factors in improving healthcare is the 1996 HIPAA regulations (Frost & Sullivan, 2008). The Health Insurance Portability and Accountability Act of 1996 is passed by the U.S. Congress. to protect patient health information. The goal of HIPAA regulations is to protect and ensure the privacy of medical information. The law aims to protect any information relating to the health of patients that is recorded or created by any health care provider (Smith, 2000). Healthcare has faced many challenges in protecting health information. The increase in the amount and cost of private health information, lack of uniform standards for disclosure, patient access, monitoring and information sharing led HIPAA to be passed into law in 1996 (Kumar, Henseler and Haukaas, 2009). The purpose of HIPAA was to control patient information. disclosure of information, allowing more patients to access their records, securing data storage and transfer (Kumar, Henseler, & Haukaas, 2009). HIPAA also imposes legal activities and penalties for violating the rules. The law consists of three parts: privacy information, transaction rules and security rules. The privacy rule indicates what information should be kept private, the transactional rule involves the exchange of information, and the security rule involves the security of data transfer (Kumar, Hensele, and Haukaas). HIPAA regulations establish rules that allow vendors to develop a tool or product that can meet security regulations. With clear security regulations provided by HIPAA, EHR technology providers can provide secure data exchange and compliant systems of record. Vendors have made every effort to create a safe and secure HIPAA compliant data storage product (Miller and Sim, 2004). Healthcare spends only 2% of its gross revenues on improving healthcare, while banks spend about 10% of their gross revenues. in their process improvements (Gupta & Murtaza, 2009). With the new safety rules, healthcare must devote its revenue to healthcare reform and the introduction of more techniques to improve patient care. HIPAA requires several things, such as sharing necessary information; providers must give all patient information and disclose it on behalf of patients (Gupta & Murtaza, 2009).