A Practice Note addressing requirements under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for protecting the security of electronic protected health information (ePHI). This resource discusses the Security Rule's general requirements, which entities must comply with the Security Rule, and related organizational and document requirements.