Information Assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
Many people think that
1. They have right to collect all personal information about patients, customers.
2. They store credit card / debit card information in plain text in database
3. They share customer information with third parties
4. They transmit data through unsecured network
5. They store data without encryption
6. They are not aware of masking data
All these practices are not acceptable.
Information Assurance to be taken care from requirements gathering to testing.
Further reference: http://www.iac.iastate.edu/