Coalfire HIPAA Services and Knowledge Base


Overview of HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established national standards for the protection of health information. The HIPAA Privacy Rule and HIPAA Security Rule set forth requirements for the safeguarding of protected health information (PHI):

  • HIPAA Privacy Rule: Governs how healthcare providers, health plans, and other covered entities handle PHI, including who may access this information and under what circumstances. It establishes patients’ rights regarding their health information, including the right to receive notice of breaches.
  • HIPAA Security Rule: Sets out the security requirements for electronic PHI (ePHI), mandating that organizations implement administrative, physical, and technical safeguards to protect against data breaches.

HIPAA regulations are essential to maintaining the confidentiality and security of healthcare data and provide a framework that healthcare organizations must follow. Failure to comply with HIPAA can result in severe penalties, with fines reaching up to $1.5 million per violation category per year.

Knowledge base topics:

  • PHI: What is PHI, and who uses it?
  • Risk Analysis: Healthcare Risk Analysis – the Basics
  • Frameworks: Control Frameworks
  • Remediation: Implementing Control Frameworks
  • OCR: OCR Requirements
  • Noncompliance: Cost of OCR Investigations
