The HIPAA Act specifies best practices in information systems security and control. outlines medical security and privacy rules. requires financial institutions to ensure the security of customer data. imposes responsibility on companies and management to safeguard the accuracy of financial information.