b'Brian Lapidus of Kroll on what healthcare organizations need to do to comply with the security provisions of the HITECH Act.'