What is HIPAA Compliance?
The Health Insurance Portability and Accountability Act (HIPAA), enforced by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), mandates cybersecurity standards for businesses in the healthcare industry that handle protected health information (PHI).
HIPAA dictates that all “covered entities” must implement security and data privacy controls to protect patients’ health information from unauthorized access. Covered entities include health plan providers, healthcare providers, healthcare clearinghouses, and many more businesses.
While HIPAA was first signed into law in 1996, it has since been updated to include preventive measures for combating digital data breaches caused by cyberattacks on health insurers and health care providers.