For many organizations, compliance with data security standards doesn’t seem to be getting easier. IT security
compliance efforts are forever competing with projects to address ever-pressing information security threats,
operational vulnerabilities and daily business risks, and they often lose out in the battle for resources and funding.
In this paper, you’ll learn about IT security compliance for the Health Insurance Portability and Accountability
Act (HIPAA) from an auditor’s perspective. Although the HIPAA Security Rule represents only a portion of the data
security compliance obligations faced by most organizations handling healthcare data, it is one of the most significant,
especially in light of recent, well-publicized healthcare data security breaches that have plagued many of today’s large
healthcare organizations.