We cannot talk about information security without talking about HIPAA. The information security standard has been governing how information is managed in the healthcare industry since 1996. Considering how sensitive patients’ information and personal details are — and the growing number of cyberattacks targeting healthcare institutions — the HIPAA Security Rule is considered to be among the most extensive across the globe.
Don’t get me wrong, HIPAA compliance is far from enough in terms of data protection. As with other compliance standards, the HIPAA Security Rule is only meant to set a standard and define best practices for the healthcare industry to follow. A lot of healthcare institutions go one or two steps further in order to fully protect the safety of their patients’ information.