The HIPAA Security Rule was enacted in 1996, designed to establish national standards to protect individuals’ electronic personal health information (PHI) used and/or stored by a covered entity.
Many healthcare organizations have complex technology environments, thus making it difficult for healthcare providers and business associates to comply with the HIPAA Security Rule policies and procedures.