Health Insurance Portability and Accountability Act (HIPAA) Image

Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. HIPAA requires that covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment and operations) must meet a set of rules.
HIPAA mandates that every covered entity and business associate with access to Personal Health Information (PHI) must have technical, physical, and administrative safeguards to protect the integrity of PHI. And, should a breach of PHI occur, organization must follow a procedure to notify affected parties. HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).
HIPAA compliance requires effort. Organizations must make significant investments, including identifying gaps in compliance by conducting self-audits, creating remediation plans to reverse compliance violations, developing policies and procedures, documenting all efforts they take to become HIPAA compliant, creating an incident management process and more.
Failure to comply with HIPAA has serious consequences. The breach of electronic PHI may result in substantial fines, criminal charges and civic action lawsuits. The Office for Civil Rights of the Department of Health and Human Services does not consider ignorance of HIPAA regulations a justifiable defense.

Impacted Industries


Hyperproof Makes HIPAA Compliance Simple

  • HIPAA compliance framework with requirements and controls to help you get started

  • Ability to map a control to multiple regulatory standards. Reduce time to compliance for all regulations that matter to your business

  • Work with the productivity tools you already have

  • Re-use evidence across multiple frameworks and controls

  • Quickly collect evidence to document your efforts toward HIPAA compliance

  • Pinpoint & prioritize your critical work stream


Get the latest from Hyperproof

Stay ahead of the risk and compliance curve. Get the latest regulation updates and analysis, guidance on achieving continuous compliance, and exclusive opportunities. Sign up for Hyperproof's bimonthly newsletter.
Stay in-the-know