Recent U.S. efforts to transform healthcare through broader adoption of health IT have increased meaningful use of electronic health records and driven creation of information exchanges. Improving care at lower cost through IT requires managing data loss risks. Has the privacy and security of health information improved; and, are we at a tipping point for embracing better data security?