Staff training, vendor rules can help prevent breaches