← Back to Glossary

HIPAA Compliance 101: What Is It? How Does it Affect Your Business?

by Iwan Price-Evans on Security • May 11, 2022

HIPAA compliance means that healthcare providers must follow strict guidelines when handling personal information. These include keeping records secure, protecting patients' identities, and ensuring that only authorized individuals have access to protected health information (PHI).

What Is HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act. This law was enacted in 1996 to address concerns about the privacy and security of medical records.

Why Should You Care About HIPAA?

HIPAA compliance is essential for any business that handles personal data. This includes businesses that provide services such as medical care, insurance, banking, and financial management.

What Are The Requirements Of HIPAA?

HIPAA compliance requires that healthcare providers and other covered entities (such as hospitals) maintain strict policies and procedures regarding the protection of patients’ private information. These policies must be reviewed regularly by employees who handle protected health information (PHI).

Who Needs To Be Compliant?

HIPAA applies to any organization that handles protected health information (PHI). PHI includes any information related to an individual's past, present, or future physical or mental condition, such as a diagnosis, test result, procedure, treatment plan, payment history, etc.

What Happens When I Don't Comply?

If an organization fails to comply with HIPAA regulations, it could face fines up to $50,000 per violation. In addition, the U.S. Department of Health & Human Services has the authority to impose civil penalties of up to $1 million per day for each violation.