The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy and security of personal health information (PHI). Any healthcare organization, like hospitals, that stores, processes, or sends PHI must meet HIPAA compliance requirements. This also applies to related businesses that perform functions or provide services on their behalf.


The HIPAA Compliance Security Rule lists security standards with implementation requirements designed to safeguard PHI in an electronic form called ePHI. These standards are grouped into the following five categories:

  • Administrative safeguards
  • Physical safeguards
  • Technical safeguards
  • Organizational requirements
  • Policies and procedures

Policy compliance

Test resilience to leak personal health information and other personal data. Measure and increase resilience against phishing attempts. 

Find weaknesses

Gain visibility into your systems, networks, and web applications and find weak points.