Compliance with the Health Insurance Portability and Accountability Act (HIPAA) requires provisions for safeguarding patient medical information. With the increase in breaches of protected health information caused by cyberattacks and ransomware in recent years, the regulation has gained greater prominence. The regulation includes rules for both security and privacy protections, which are enforced by the Office for Civil Rights (OCR), and healthcare organizations must be prepared to pass an OCR audit.