Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is the HIPAA Enforcement Rule?

The HIPAA Enforcement Rule is a 2006 addition to the original Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA required the Secretary of the U.S Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. 


The HIPAA Enforcement Rule introduced the ability for the U.S. Department of Health and Human Services (HHS) to fine organizations for avoidable ePHI breaches. HHS’s Office for Civil Rights (OCR) is responsible for this enforcement, which it achieves through compliance reviews, outreach to encourage compliance, and investigating complaints.


Financial penalties and other HIPAA sanctions act as a deterrent against HIPAA violations while ensuring covered entities are held accountable for protecting patients' privacy, the confidentiality of health data, and providing patients with access to their health records on request. The penalty structure for HIPAA violations is tiered and based on the knowledge a covered entity had of the violation.


The financial and other penalties incurred due to HIPAA violations and data breaches can be extraordinarily costly—from significant fines that vary by violation, organizational costs of issuing notifications and mitigating the damages following breaches, to the possibility of criminal prosecution.

Additional resources you might like:

Compliance
Event
Automating your existing compliance program

With Vanta, you get enough flexibility to choose between a wealth of pre-built content and the ability to customize and configure the product to match your program’s needs. Curious to see this in action?

Compliance
Event
How to automate ISO 27001 & SOC 2 compliance

Join Vanta’s 45-minute live product demo on 25 April at 11 am BST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 10th April at 1pm AEST. Two of our team members will walk you through the platform and answer questions throughout the session.

Additional resources you might like:

Compliance
Event
Automating your existing compliance program

With Vanta, you get enough flexibility to choose between a wealth of pre-built content and the ability to customize and configure the product to match your program’s needs. Curious to see this in action?

Compliance
Event
How to automate ISO 27001 & SOC 2 compliance

Join Vanta’s 45-minute live product demo on 25 April at 11 am BST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 10th April at 1pm AEST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
Combating threats through a continuous compliance

In the world of cloud infrastructure, security teams frequently find themselves bouncing between tools to track alignment to compliance standards. What’s more, they must often contend with a lack of visibility into risk and potential threats.

Security
Event
How to build an enduring security program as your company grows

Join Vanta's CISO, Jadee Hanson, and seasoned security leaders at company's big and small to discuss building and maintaining an efficient and high performing security program.

Compliance
Event
Ask Me (Almost) Anything: AI & Compliance

What does AI mean for your company’s security compliance program? Join our session on 28 March 9 am AEDT where Matt Cooper, Privacy, Risk and Compliance Manager at Vanta, and Noam Rubin, Sr. Software Engineer at Vanta, will answer (almost) all your questions about AI and compliance.

Compliance
Event
Automating SOC 2 compliance & more

Join Vanta’s 45-minute live product demo on March 12 at 11 am PST where Devin and Natalie will walk you through the Vanta platform and show you how we automate 90% of the work for security and privacy frameworks, and help you move towards a state of continuous compliance.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 13 March at 11 am GMT. Two of our team members will walk you through the platform and answer questions throughout the session.

GDPR
Event
AMAA: Demystifying GDPR to make progress and fuel EU Growth

Want to quickly get up to speed with GDPR so you can supercharge your growth in the European market? Join our next Ask Me (Almost) Anything webinar on February 28th at 8:30am PST / 4:30pm GMT to find out how.

Get compliant and
build trust, fast.

Two wind turbines on a white background.
Get compliant and build trust,
fast.
Get started