Providence Health & Services was first organization penalized for violating privacy section of HIPAA. The Seattle-based organization recently agreed to fork over $100,000 and make good on a systems improvement plan. In all, 386,000 patients were exposed to potential identity fraud. Providence Health CSO Eric Cowperthwaite explains the steps the organization has taken to ensure such a security lapse doesn’t happen again. He says the changes are behind the scenes, but there are no changes to the user experience.”]