Large and small medical clinics have a unique responsibility of maintaining patient confidentiality since they collect a large amount of Personable Identifiable Information (PII) and Electronic Protected Health Information (ePHI) (Metzger, 2016). According to the Department of Homeland Security (DHS), PII is any information that can be used to reveal the identity of an individual, regardless of their citizenship status in the United States (U.S.)(DHS, 2021). Sensitive PII consists of personal information such as social security numbers, medical records, criminal records, and biometrics. Laws that govern the use of PII and ePHI include the Health Insurance Portability and Accountability Act (HIPPA) as well as The Privacy Act, ensuring that the right steps are taken to protect this information (Metzger, 2016). Network security plays a major role in digital data privacy and protection by examining the structure of the business through its day-to-day operations (CISA, 2022). Furthermore, the examination must understand how data is stored, protected, and transmitted to minimize exposure. Therefore, following an initial assessment of the network, this project will propose increased protection of patient and employee data through improved methods that will harden the network.