HIPAA gives details that one needs to follow in IT compliance, but there are no proper details about the methods….