What are your thoughts on departments such as pharmacy or insurance companies only having access on need to know information? What are your thoughts on an accidental breach such as a company getting the full medical record of the patient? How can this be prevented?