Employees should be considered the first line of defense, but experts say they are also often considered the weakest link. The healthcare practice needs to show that it is willing to implement strong security policies, enforce them and put in place the proper safeguards to secure data. Employees should be trained on how to use newly implemented security systems. Executives and management must set a good example. Accountability and taking responsibility for data security should be one of the healthcare organization's core values.