Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is a HIPAA breach?

A HIPAA breach is defined as the acquisition, access, use, or disclosure of protected health information (PHI) in a manner not permitted by HIPAA regulations, which compromises the security or privacy of the PHI. Impermissible use or disclosure of protected health information is presumed to be a breach unless it can be shown that the probability of protected health information having been compromised is low, based on a multifactor risk assessment. The risk assessment should review the nature and extent of the PHI involved; to whom the disclosure of PHI was made; whether the PHI was in fact acquired or viewed; and the extent to which the risk to the PHI was mitigated, among other elements.


In the event of a breach of unsecured PHI, the HIPAA Breach Notification Rule requires that covered entities communicate notification of the breach to any affected individuals, the U.S. Department of Health & Human Services, and in some cases, the media.


HIPAA compliance is required of organizations and employees who work in or with the healthcare industry, or who have access to protected health information. A covered entity or business associate that fails to adhere to one or more of the HIPAA Rules is in violation of HIPAA; organizations that violate the provisions of the HIPAA Rules may be penalized. Penalties for HIPAA breaches are strict and can significantly impact an organization’s finances and reputation.

Additional resources you might like:

Security
Events
Scaling Security in the Age of AI: Lessons from Vanta, Wiz, & Modo Labs

Join Vanta + Wiz + Modo Labs for a fireside chat where they’ll explore key questions about AI’s impact on scaling security programs–what to watch out for, how to adapt, where to adopt AI, and what to focus on next.

Security
Events
From Insights to Action: Measuring and Advancing Security Maturity

Discover how Vanta’s customizable reporting and dashboarding can help you assess and improve security maturity with real-time insights, better risk visibility, and data-driven decision-making.

ISO 42001
Events
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.

Additional resources you might like:

Security
Events
Scaling Security in the Age of AI: Lessons from Vanta, Wiz, & Modo Labs

Join Vanta + Wiz + Modo Labs for a fireside chat where they’ll explore key questions about AI’s impact on scaling security programs–what to watch out for, how to adapt, where to adopt AI, and what to focus on next.

Security
Events
From Insights to Action: Measuring and Advancing Security Maturity

Discover how Vanta’s customizable reporting and dashboarding can help you assess and improve security maturity with real-time insights, better risk visibility, and data-driven decision-making.

ISO 42001
Events
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.

GRC
Events
Unlocking the ROI of GRC: The Business Value of Vanta

Discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

GRC
Events
AI & Security Maturity: Navigating Risks Across Every Stage with John Hammond & Vanta

Watch our on-demand webinar with John Hammond—cybersecurity researcher, practitioner, and content creator with nearly two million YouTube subscribers—and Matt Cooper, Vanta’s Director of GRC, for a fireside chat on AI, security maturity, and the top security risks in 2025.

ISO 27001
Events
Live Demo: How to streamline ISO 27001 and SOC 2 compliance with automation

Watch Vanta’s 45-minute demo to see how our platform automates up to 90% of the work for achieving ISO 27001 and SOC 2 compliance, helping you streamline security and move towards continuous compliance.

Compliance
Events
The State of Trust: Top Security & Compliance Trends for 2025

Discover key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance
Events
Fostering a culture of security in an AI world

Watch our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Security
Events
How Trust Centers Help Save Time and Accelerate Sales

Discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.