It would make sense that the systems housing patient records at a physician’s office should be protected by a robust duty on the part of the physician’s employees to keep such records confidential. The purpose, of course, is to ensure the physician’s responsibilities under the Health Information Portability and Accountability Act (“HIPAA”) are properly carried