Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is the HIPAA Security Rule?

The HIPAA Security Rule is a 2005 addition to the original Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA required the Secretary of the US Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. 


The HIPAA Security Rule operationalizes the protections contained in the HIPAA Privacy Rule by addressing the administrative, physical, and technical safeguards that organizations called covered entities must put in place to secure individuals’ electronic protected health information or ePHI.


Specifically, covered entities must:

  • Ensure the confidentiality, integrity, and availability of all ePHI they create, receive, maintain, or transmit
  • Identify and protect against reasonably anticipated threats to the security or integrity of the information
  • Protect against reasonably anticipated, impermissible uses or disclosures
  • Ensure compliance by their workforce


A primary goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. The Security Rule is designed to be flexible and scalable so a covered entity can implement policies, procedures, and technologies appropriate for the entity’s size, organizational structure, and risks to consumers’ ePHI.

Additional resources you might like:

Product updates
Blog
Introducing new Vanta capabilities to automatically improve your security posture

Today we’re excited to announce a framework for the CIS Critical Security Controls® 8.1, automated tests aligned to the CIS Foundation Benchmarks, and enhancements to the Vanta API.

Compliance
Event
Audit Prep Excellence: Your Path to Success

Join our interactive webinar featuring experts in compliance auditing for a live Q&A session. We'll dive into essential tips for preparing for various compliance audits, guide you through the nuances of both ISO 27001 and SOC 2 standards, and discuss best practices for maintaining continuous compliance.

Product updates
Event
What's New in Vanta: July

Are you curious about new Vanta features? Join Vanta's 'What's New in Vanta' webinar to discover new features and enhancements. Register now!

Additional resources you might like:

Product updates
Blog
Introducing new Vanta capabilities to automatically improve your security posture

Today we’re excited to announce a framework for the CIS Critical Security Controls® 8.1, automated tests aligned to the CIS Foundation Benchmarks, and enhancements to the Vanta API.

Compliance
Event
Audit Prep Excellence: Your Path to Success

Join our interactive webinar featuring experts in compliance auditing for a live Q&A session. We'll dive into essential tips for preparing for various compliance audits, guide you through the nuances of both ISO 27001 and SOC 2 standards, and discuss best practices for maintaining continuous compliance.

Product updates
Event
What's New in Vanta: July

Are you curious about new Vanta features? Join Vanta's 'What's New in Vanta' webinar to discover new features and enhancements. Register now!

Product updates
Event
What's New in Vanta: June

Are you curious about new Vanta features? Register for our "What's New in Vanta: June" webinar.

Security
Blog
The state of trust in an AI world: VantaCon UK recap

Security and compliance experts share their insights and analysis of key findings from Vanta’s State of Trust Report in this VantaCon UK panel.

Company news
Blog
VantaCon UK highlights: See the future of trust in an AI world

From product announcements to panel discussions, watch highlights and recordings from VantaCon UK.

SOC 2
Event
Ask Me (Almost) Anything: Post-Audit Planning and Excellence

Navigate post-audit success with Vanta & A-LIGN. Get expert advice on leveraging findings for growth. Register for access or recording.

Security
Guide / Report
Growing pains: How to update and automate outdated security processes

Has your business outgrown its security processes? Learn how to update them in this guide.

Security
Event
Building security programs that reduce risk

In today’s evolving threat landscape, compliance is only the first step—resilience is the ultimate goal. That’s why Vanta and Huntress have teamed up to help you achieve true cybersecurity resilience.