What is HIPAA compliance?
HIPAA compliance involves fulfilling the requirements of the initial Health Insurance Portability and Accountability Act (HIPAA) of 1996, its subsequent amendments and additions, and any related legislation. Covered entities and business associates with access to protected health information (PHI) are obligated to ensure administrative, physical, and technical safeguards are in place to maintain the security of patient data and that they are in compliance with HIPAA Rules.
A company does not achieve HIPAA compliance by proving its adherence to a single static standard. HIPAA’s rules and requirements are intentionally broad and flexible to accommodate the range of types and sizes of covered entities and business associates that create, access, process, or store PHI, and that must thus comply with HIPAA. Organizations are responsible for providing in an ongoing way that they are abiding by all the rules and requirements of HIPAA.