Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

Blogs

Events

Glossary

Guides and reports

What are the HIPAA Safeguards?

‍

HIPAA Safeguards are the administrative, technical, and physical safeguards that covered entities are required to maintain by the terms of the HIPAA Security Rule to protect individuals’ electronic protected health information (ePHI).

The Security Rule defines Administrative Safeguards as “administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.” The Administrative Safeguards comprise more than half of the HIPAA Security Requirements. Administrative Safeguards include:

‍

Implementation of a Security Management Process
Designation of Security Personnel
Implementation of Information Access Management policies and procedures for authorizing access to ePHI
Provision of Workforce Training and Management
Performance of regular Evaluations against the requirements of the Security Rule

The Security Rule defines Technical Safeguards as “the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.” The Technical Safeguards include:

‍

Implementation of Access Control policies and procedures that allow only authorized persons to access ePHI
Implementation of Audit Controls to record and examine access and other activity in information systems that contain or use ePHI
Implementation of Integrity Controls, policies, and procedures to ensure ePHI is not destroyed or improperly altered
Implementation of technical security measures to ensure Transmission Security—guarding against unauthorized access to ePHI transmitted over an electronic network

The Security Rule defines Physical Safeguards as “physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion.” The Physical Safeguards include:

‍

Management of Facility Access and Control, a covered entity must limit physical access to its facilities while ensuring that authorized access is allowed
Implementation of Workstation and Device Security policies and procedures to specify proper use of and access to workstations and electronic media

‍

Related Terms

Additional resources you might like:

Compliance

Vanta events | Vanta

The State of Trust: Top Security & Compliance Trends for 2025

Join us live as we discuss key findings from Vanta’s State of Trust Report, how automation eases the compliance burden, and the role of continuous control monitoring in building real-time trust.

Compliance

Vanta events | Vanta

Building in the age of AI: Startup lessons for early-stage growth

Join us for a fireside chat with Christina Cacioppo, CEO and Co-founder of Vanta, and Eric Ries, author of The Lean Startup, as they share insights on navigating the modern startup journey. Discover how founders today can adapt to AI-driven innovation and utilize startup principles to find success in today’s dynamic landscape.

Compliance

Vanta events | Vanta

Live Demo: Automating Security and Compliance Workflows

Join Vanta’s live product demo to discover how automation, continuous monitoring, and centralized workflows can streamline your GRC program, enhance control visibility, and improve vendor and buyer security management—all within a single platform.

Compliance

Vanta events | Vanta

How to Choose Your Next Compliance Framework

How do you choose your next framework to support growth — without overburdening your team? Join Vanta and Insight Assurance for a discussion where we’ll delve into considerations for scaling your compliance program.

Compliance

Vanta events | Vanta

How to streamline ISO 27001 and SOC 2 compliance with automation

Watch Vanta’s 45-minute live product demo. Register today to begin your automated compliance journey!

Compliance

Vanta events | Vanta

Simplifying SOC 2 and ISO 27001 compliance

Watch our 45-minute webinar where we’ll demonstrate how Vanta automates up to 90% of the work for security and privacy frameworks, and helps you move towards a state of continuous compliance.

Security

Vanta events | Vanta

The State of Trust 2024: How UK Businesses are managing risk and compliance with automation

Watch our webinar where leading cybersecurity experts Ciaran Martin and Victoria Baines will discuss findings from Vanta’s second annual State of Trust Report. Understand the risks facing UK organisations, why good security means good business and how to minimise manual security work through AI and automation.

SOC 2

Vanta events | Vanta

Compliance for startups with Fern (YC W23)

Watch our webinar with Danny Sheridan, Co-founder and CEO at Fern (YC W23), and Brian Kuan, Product Marketing Manager at Vanta (YC W18), for a deep dive into why startups should prioritize compliance early in their journey, and how Vanta can help you become SOC 2-ready in as little as four weeks—giving time back for you to focus on building a company.

Compliance

Vanta events | Vanta

Simplify Compliance and Enhance Your Customer’s Trust

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo where you’ll learn how Vanta goes beyond compliance to enhance your overall security and trust management.

Follow us

What are the HIPAA Safeguards?

Related Terms

Additional resources you might like:

Additional resources you might like:

Get compliant and build trust—fast