The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes foundational federal standards designed to protect sensitive health information from being disclosed without a patient’s consent. When focusing specifically on cybersecurity, compliance, and governance, your primary concern is the HIPAA Security Rule.

In the U.S. healthcare system, the Health Insurance Portability and Accountability Act (HIPAA) sets the federal standard for protecting sensitive patient data. When focusing on cybersecurity, compliance centers around protecting this data from unauthorized access, breaches, and cyberattacks while ensuring it remains available for patient care.