Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

What are the rules of HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is composed of a number of standards or rules by which compliance can be monitored. HIPAA Rules include the Privacy, Security, and Breach Notification Rules, as well as the Transactions and Code Set Standards, Identifier Standards, Enforcement Rule, Omnibus Final Rule, and the HITECH Act.


The HIPAA Privacy Rule sets national standards to safeguard individuals’ medical records and other protected health information (PHI), and establishes when PHI may be used and disclosed. The HIPAA Security Rule specifies safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The HIPAA Breach Notification Rule requires that, in the event of a breach of unsecured PHI, notification of the breach is communicated to affected individuals, the U.S. Department of Health & Human Services (HHS), and in some cases, the media. HIPAA Rules apply to covered entities and business associates.

It is important that organizations that work in or with the healthcare industry, or that have access to protected health information (PHI), are aware of the HIPAA Rules and adhere to their standards. Adhering to the HIPAA Rules will help ensure that an organization is protecting the privacy and security of patients’ PHI, and is prepared to alert required individuals and institutions in the case of an incident of non-compliance.
