Security Rule
Administrative, physical and technical safeguards for electronic PHI.
Safeguards for protected health information.
HIPAA governs how protected health information (PHI) is handled in the US. The Security Rule mandates administrative, physical and technical safeguards; the Privacy Rule governs use and disclosure; the Breach Notification Rule sets response obligations.
The standard
HIPAA — US Health Insurance Portability and Accountability Act
Who needs it
Covered entities (providers, health plans) and their business associates — including any software vendor that creates, receives, maintains or transmits PHI.
3
Rules: Security · Privacy · Breach
Administrative, physical and technical safeguards for electronic PHI.
Rules for the permitted use and disclosure of PHI.
Defined obligations and timelines when PHI is exposed.
Contracts that flow safeguards down the supply chain.
See exactly how Compliance One maps HIPAA to your environment in a 30-minute walkthrough.