ComplyCreate

HIPAA Guides

Plain-English explanations of what HIPAA requires, who it applies to, and what it means for your organization. Every guide cites the relevant CFR section.

Foundational

What Is HIPAA? A Plain-English Explanation

The five rules, who they apply to, and what compliance actually requires of your practice or company.

Foundational

HIPAA Covered Entities: The Complete Definition

Definition, examples, edge cases, and a decision checklist for your organization.

Foundational

HIPAA Business Associates: Definition, Examples, Obligations

What makes a vendor a business associate, what they owe covered entities, and when a BAA is required.

Core Concepts

Protected Health Information: The 18 Identifiers Explained

The 18 HIPAA PHI identifiers and when de-identified data leaves HIPAA's scope.

Rules Overview

HIPAA Privacy, Security & Breach Rules: What Each Requires

Side-by-side explainer of HIPAA's three core rules — who they bind and what they require.

Legislation

The HITECH Act: How It Extended HIPAA

HITECH pulled business associates directly under HIPAA and raised the penalty ceiling. Here's what changed.

Enforcement

HIPAA Penalties in 2026: Tiers, Maximums, and Recent Fines

The four penalty tiers, inflation-adjusted maximums, and examples from recent OCR enforcement.
