Health information management policies usually address the use of paper records with little or no mention of electronic health records. Information Technology (IT) policies often ignore the health care business needs and operational use of the information stored in its systems. Representatives from the Telemedicine & Advanced Technology Research Center (TATRC), TRICARE and Offices of the Surgeon General of each Military Service, collectively referred to as the Policies, Procedures and Practices Work Group (P3WG) examined military policies and regulations relating to computer-based information systems and medical records management. Using an interdisciplinary and interservice QA approach they compared existing military policies with the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to identify gaps and discrepancies. The final report, including a plain English explanation of the individual standards and relevance to the Department of Defense (DoD), a comparative analysis and recommendations, will feed in to the security management process and HIPAA implementation efforts at multiple levels within the DoD. In light of High Reliability Theory, this process models how large enterprises may coordinate policy revision and reform across broad organizational and work domains, building consensus on key policy reforms among military stakeholders across different disciplines, levels of command hierarchy and services.