HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that establishes standards for protecting sensitive patient health information (PHI). Covered entities and their business associates must implement administrative, physical, and technical safeguards. Key technical requirements include audit controls, encryption, access controls, and breach notification within 60 days. HIPAA violations can result in fines from $100 to $50,000 per violation.

Why it matters for your website

• 1Required for selling to enterprise customers or regulated industries
• 2Non-compliance can result in fines, loss of contracts, or reputational damage
• 3Certification provides a third-party validation of your security posture