How Healthcare Organizations Can Avoid Damaging Security Incidents and Loss of Patient Data