Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

What is the HIPAA Security Rule?

The HIPAA Security Rule is a 2005 addition to the original Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA required the Secretary of the US Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. 


The HIPAA Security Rule operationalizes the protections contained in the HIPAA Privacy Rule by addressing the administrative, physical, and technical safeguards that organizations called covered entities must put in place to secure individuals’ electronic protected health information or ePHI.


Specifically, covered entities must:

  • Ensure the confidentiality, integrity, and availability of all ePHI they create, receive, maintain, or transmit
  • Identify and protect against reasonably anticipated threats to the security or integrity of the information
  • Protect against reasonably anticipated, impermissible uses or disclosures
  • Ensure compliance by their workforce


A primary goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. The Security Rule is designed to be flexible and scalable so a covered entity can implement policies, procedures, and technologies appropriate for the entity’s size, organizational structure, and risks to consumers’ ePHI.

Related Terms

Additional resources you might like:

ISO 42001
Vanta events | Vanta
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Join our webinar to explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.

GRC
Vanta events | Vanta
Unlocking the ROI of GRC: The Business Value of Vanta

Discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

GRC
Vanta events | Vanta
AI & Security Maturity: Navigating Risks Across Every Stage with John Hammond & Vanta

Watch our on-demand webinar with John Hammond—cybersecurity researcher, practitioner, and content creator with nearly two million YouTube subscribers—and Matt Cooper, Vanta’s Director of GRC, for a fireside chat on AI, security maturity, and the top security risks in 2025.

Additional resources you might like:

ISO 42001
Vanta events | Vanta
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Join our webinar to explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.

GRC
Vanta events | Vanta
Unlocking the ROI of GRC: The Business Value of Vanta

Discover how Vanta empowers organizations to achieve exceptional results in their Governance, Risk, and Compliance (GRC) programs.

GRC
Vanta events | Vanta
AI & Security Maturity: Navigating Risks Across Every Stage with John Hammond & Vanta

Watch our on-demand webinar with John Hammond—cybersecurity researcher, practitioner, and content creator with nearly two million YouTube subscribers—and Matt Cooper, Vanta’s Director of GRC, for a fireside chat on AI, security maturity, and the top security risks in 2025.

ISO 27001
Vanta events | Vanta
Live Demo: How to streamline ISO 27001 and SOC 2 compliance with automation

Watch Vanta’s 45-minute demo to see how our platform automates up to 90% of the work for achieving ISO 27001 and SOC 2 compliance, helping you streamline security and move towards continuous compliance.

Compliance
Vanta events | Vanta
The State of Trust: Top Security & Compliance Trends for 2025

Join us live as we discuss key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance
Vanta events | Vanta
Fostering a culture of security in an AI world

Watch our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Security
Vanta events | Vanta
How Trust Centers Help Save Time and Accelerate Sales

Discover how trust centers enhance customer confidence, streamline security processes, and drive sales growth, based on IDC’s latest research.

Product updates
Blog
Introducing new Vanta capabilities to automatically improve your security posture

Today we’re excited to announce a framework for the CIS Critical Security Controls® 8.1, automated tests aligned to the CIS Foundation Benchmarks, and enhancements to the Vanta API.

Product updates
Vanta events | Vanta
What's New in Vanta: July

Are you curious about new Vanta features? Join Vanta's 'What's New in Vanta' webinar to discover new features and enhancements. Register now!

Get compliant and build trust—fast

Request a demo
G2 BadgeG2 BadgeG2 Badge