There are three types of measures you can take to protect your data, Technical Measures, Physical Measures and Administrative Measures.
Administrative Measures are the policies and procedures you set in place that members of your practice need to follow when handling patient information.
The majority of HIPAA Breaches actually happen due to human error. This can be due to a mistake, or somebody in a practice not being aware of the proper steps to take to protect patient information.
An example of an Administrative Measure is that workers must log off of computers or lock the computers when they leave their workstations.
The TLD Systems method of HIPAA compliance includes providing you with a set of policies and procedures that you can (and must) share with your employees as well as online training webinars on how to protect the patient information they are entrusted with.