Abstract
This session illustrates how specific HIPAA requirements for security, privacy, and auditability can be addressed by the application of identity and access management middleware as defined by the NSF and Internet2 middleware initiatives. This session will include an overview of the special challenges surrounding coordinated planning and execution of information technology projects by central IT units and the academic medical center staff.