I need to organize a discussion board post regarding the topic Safeguarding Personal Health Information and the Technology that Houses It.

Here are the specific discussion instructions;
As INS you have been given responsibility for the review and revision of all policies relative to the collection, storage, transmission, and retrieval of personal health data as well as corporate computers, computer networks and related resources for your 10 hospital healthcare delivery system that includes ambulatory clinics and owned physician practices. What strategies would you use to accomplish this task and what major areas would you address in the policies? Please provide your rationale.

I need at least one reference