Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What are the rules of HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is composed of a number of standards or rules by which compliance can be monitored. HIPAA Rules include the Privacy, Security, and Breach Notification Rules, as well the Transactions and Code Set Standards, Identifier Standards, Enforcement Rule, Omnibus Final Rule, and the HITECH Act.


The HIPAA Privacy Rule sets national standards to safeguard individuals’ medical records and other protected health information (PHI), and establishes when PHI may be used and disclosed. The HIPAA Security Rule specifies safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The HIPAA Breach Notification Rule requires that, in the event of a breach of unsecured PHI, notification of the breach is communicated to affected individuals, the U.S. Department of Health & Human Services (HHS), and in some cases, the media. HIPAA Rules apply to covered entities and business associates.

It is important that organizations that work in or with the healthcare industry, or that have access to protected health information (PHI), are aware of the HIPAA Rules and adhere to their standards. Adhering to the HIPAA Rules will help ensure that an organization is protecting the privacy and security of patients’ PHI, and is prepared to alert required individuals and institutions in the case of an incident of non-compliance.

Additional resources you might like:

Compliance
Vanta events | Vanta
Live Demo: Automate compliance to fuel your startup's growth

Join our live demo to discover how automating compliance can streamline processes, save time, and fuel your startup’s growth.

GRC
Vanta events | Vanta
Unlocking the ROI of GRC: The Business Value of Vanta

Join the live event to discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

Security
Blog
A data-driven look at the top security tools for startups

There’s no shortage of options when it comes to security tools for startups. Here's a data-driven look at the top tools used most frequently by startups.

Additional resources you might like:

Compliance
Vanta events | Vanta
Live Demo: Automate compliance to fuel your startup's growth

Join our live demo to discover how automating compliance can streamline processes, save time, and fuel your startup’s growth.

GRC
Vanta events | Vanta
Unlocking the ROI of GRC: The Business Value of Vanta

Join the live event to discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

Security
Blog
A data-driven look at the top security tools for startups

There’s no shortage of options when it comes to security tools for startups. Here's a data-driven look at the top tools used most frequently by startups.

ISO 27001
Vanta events | Vanta
Live Demo: How to streamline ISO 27001 and SOC 2 compliance with automation

Join Vanta’s 45-minute live demo to see how our platform automates up to 90% of the work for achieving ISO 27001 and SOC 2 compliance, helping you streamline security and move towards continuous compliance.

Compliance
Vanta events | Vanta
The State of Trust: Top Security & Compliance Trends for 2025

Join us live as we discuss key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance
Vanta events | Vanta
Building in the age of AI: Startup lessons for early-stage growth

Watch a fireside chat with Christina Cacioppo, CEO and Co-founder of Vanta, and Eric Ries, author of The Lean Startup, as they share insights on navigating the modern startup journey. Discover how founders today can adapt to AI-driven innovation and utilize startup principles to find success in today’s dynamic landscape.

Compliance
Vanta events | Vanta
Live Demo: Automating Security and Compliance Workflows

Join Vanta’s live product demo to discover how automation, continuous monitoring, and centralized workflows can streamline your GRC program, enhance control visibility, and improve vendor and buyer security management—all within a single platform.

Compliance
Vanta events | Vanta
How to Choose Your Next Compliance Framework

How do you choose your next framework to support growth — without overburdening your team? Join Vanta and Insight Assurance for a discussion where we’ll delve into considerations for scaling your compliance program.

Compliance
Vanta events | Vanta
How to streamline ISO 27001 and SOC 2 compliance with automation

Watch Vanta’s 45-minute live product demo. Register today to begin your automated compliance journey!