Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

Blogs

Events

Glossary

Guides and reports

What is the HIPAA Breach Notification Rule?

‍

The HIPAA Breach Notification Rule is a 2009 addition to the original Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The HIPAA Breach Notification Rule requires HIPAA-covered entities and their business associates to provide notification following a breach of unsecured protected health information (PHI). Generally defined, a breach is an impermissible use or disclosure of PHI that compromises its security or privacy. Such use or disclosure of PHI is presumed to be a breach unless the covered entity or business associate demonstrates a low probability of compromised PHI.

The HIPAA Breach Notification Rule was introduced in conjunction with the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. This Rule requires notification to affected individuals, the U.S. Department of Health and Human Services, and in some cases, the media, in the event of a breach of unsecured PHI.

Covered entities and business associates with access to PHI are obligated to ensure administrative, physical, and technical safeguards are in place to maintain the security of patient data. Additionally, they must have procedures in place should a data breach occur and comply with the HIPAA Privacy Rule.

Related Terms

Additional resources you might like:

Compliance

Event

Fostering a culture of security in an AI world

Join our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Compliance

Event

Streamlining SOC 2 Compliance with Vanta and AWS

Join our Coffee and Compliance session, where our experts, Ethan Heller, GRC, Subject Matter Expert at Vanta, and Brad Dispensa,WWPS Specialist SA at Amazon Web Services (AWS) cover some of the challenges of SOC 2 compliance and show how Vanta and AWS work together to simplify and accelerate SOC 2 compliance.

Compliance

Event

How to streamline SOC 2 and ISO 27001 compliance with automation

Join Vanta’s 45-minute live product demo. Our Vanta team will walk you through the platform and answer questions throughout the session.

ISO 42001

Event

How to demonstrate secure AI practices with ISO 42001

Join Vanta and A-LIGN for a Coffee and Compliance session on ISO 42001 —what it is, what types of organizations need it, and how it works.

Company news

Event

What’s new in Vanta: Unveiling the Future of GRC Roadmap

We had the pleasure of hosting Jeremy Epling, Vanta’s CPO from our Vanta Sydney office, where he shares and demonstrates some exciting new product updates designed to help security teams future-proof and scale their GRC programs more easily.

Compliance

Event

How to streamline ISO 27001 and SOC 2 compliance with automation

Watch Vanta’s 45-minute live product demo. Register today to begin your automated compliance journey!

Compliance

Event

Strategies for scaling your GRC program with automation and AI

As your business grows, there are increasing demands around GRC programs. Join us live, as we discuss what to consider when scaling your GRC program.

Security

Event

How Trust Centers Help Save Time and Accelerate Sales

Join us on October 3rd to discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.

Compliance

Event

Streamline governance, risk, and compliance workflows and save hours

Join us to learn how Vanta can streamline governance, risk, and compliance workflows, automate control monitoring, and help your team save valuable time.

Follow us

What is the HIPAA Breach Notification Rule?

Related Terms

Additional resources you might like:

Additional resources you might like:

Get compliant and build trust—fast