HIPAA Security Rule compliance in municipal organizations

I am always astonished by the number of organizations I encounter that are not in compliance with the HIPAA Security Rule (45 CFR Parts 160, 162 and 164). If you are running a County government, for instance, there is a high probability that one or more of your departments are covered entities and have