Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What are the rules of HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is composed of a number of standards or rules by which compliance can be monitored. HIPAA Rules include the Privacy, Security, and Breach Notification Rules, as well the Transactions and Code Set Standards, Identifier Standards, Enforcement Rule, Omnibus Final Rule, and the HITECH Act.


The HIPAA Privacy Rule sets national standards to safeguard individuals’ medical records and other protected health information (PHI), and establishes when PHI may be used and disclosed. The HIPAA Security Rule specifies safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The HIPAA Breach Notification Rule requires that, in the event of a breach of unsecured PHI, notification of the breach is communicated to affected individuals, the U.S. Department of Health & Human Services (HHS), and in some cases, the media. HIPAA Rules apply to covered entities and business associates.

It is important that organizations that work in or with the healthcare industry, or that have access to protected health information (PHI), are aware of the HIPAA Rules and adhere to their standards. Adhering to the HIPAA Rules will help ensure that an organization is protecting the privacy and security of patients’ PHI, and is prepared to alert required individuals and institutions in the case of an incident of non-compliance.

Additional resources you might like:

SOC 2
Events
Live Demo: Automating Compliance for SOC 2, ISO 27001, and More

Discover how automation can transform your compliance efforts into a streamlined, efficient process. Join the live demo to see it in action and get your compliance questions answered.

Compliance
Events
Demystifying the EU AI Act

Discover how Vanta can streamline your journey through this new regulatory landscape, ensuring your AI operations are secure and future-ready.

Compliance
Blog
The founders guide to accelerating growth with compliance in ANZ

Proactively investing in security compliance can help ANZ startups unlock bigger deals and build trust with customers long before compliance becomes mandatory.

Additional resources you might like:

SOC 2
Events
Live Demo: Automating Compliance for SOC 2, ISO 27001, and More

Discover how automation can transform your compliance efforts into a streamlined, efficient process. Join the live demo to see it in action and get your compliance questions answered.

Compliance
Events
Demystifying the EU AI Act

Discover how Vanta can streamline your journey through this new regulatory landscape, ensuring your AI operations are secure and future-ready.

Compliance
Blog
The founders guide to accelerating growth with compliance in ANZ

Proactively investing in security compliance can help ANZ startups unlock bigger deals and build trust with customers long before compliance becomes mandatory.

Compliance
Events
Live Demo: Automating Compliance for ISO 27001, GDPR and more with Vanta

Unlock the power of automated compliance and streamlined security workflows—join our live demo to see how Vanta can save you time, money, and help build trust with your customers.

Compliance
Events
Live Demo: Automating Compliance for SOC 2, ISO 27001, HIPAA, and More

Discover how Vanta’s automation tools can simplify compliance for SOC 2, ISO 27001, HIPAA, and more, helping you build a stronger security foundation with ease.

Compliance
Events
Live Demo: Simplify ISO 27001 and SOC 2 Compliance to Fuel Growth

See how Vanta can simplify and automate your compliance efforts, helping you scale your business while building trust with customers!

Product updates
Events
Trust is a Team Sport

Jeremy Epling (CPO at Vanta) introduces new product capabilities designed with teamwork in mind. Watch to see how Vanta can help you collaborate easily with your extended team of employees, vendors, auditors, and customers—and win together.

Compliance
Events
Live Demo: Automate compliance to fuel your startup's growth

Discover how automating compliance can streamline processes, save time, and fuel your startup’s growth.

ISO 42001
Events
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.