Your security and compliance glossary

The PCI DSS is a set of requirements for all organizations that store, process, transmit, or impact security of branded customer cardholder data.

A merchant is any entity that accepts payment cards, according to the PCI Security Standards Council.

Learn what HIPAA Sanctions are and how they can include a range of penalties for HIPAA violations.

HIPAA Safeguards are the administrative, technical, and physical safeguards that covered entities are required to maintain by the terms of the HIPAA Security Rule to protect individuals’ electronic protected health information.

A HIPAA risk assessment identifies potential risks and vulnerabilities to the confidentiality, availability, and integrity of all protected health information (PHI) that an organization creates, receives, maintains, or transmits.

A HIPAA-covered entity is an individual, organization, or agency to which the HIPAA Rules apply; covered entities include health care providers, health plans, and health care clearinghouses.

HIPAA Business Associates are people or entities that perform functions involving the use or disclose of protected health information.

The HIPAA Final Omnibus Rule of 2013 was issued by the Department of Health and Human Services (HHS) to implement required amendments under the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Trying to find out about the HIPAA Breach Notification Rule? Vanta's got you covered. Click here to learn more about HIPAA Breach Notification regulations.