**6. Conclusions**

As risk management evolves, so do the needs for risk communication and risk articulation. Healthcare entities need to know, in advance, exactly what their insurance covers involving privacy and security risks. Patients need to be aware of identity theft concerns if their personal identifying information (PII) is breached and sold in alternative marketplaces. Technology in the healthcare-related infrastructure is here to stay; ultimately, society will need to standardize how they deal with and respond to privacy and cybersecurity risks. The sooner we adopt a framework of actual privacy and security violations and corrections, the better industry will be able to communicate and mitigate risks—especially in healthcare where human life is at ultimately at risk.
