[](https://www.paloaltonetworks.com/?ts=markdown)

* Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)
  ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* Products  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products  
  [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)
  
  * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)
  
  * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  
  * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)
  
  * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)
  
  * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  
  * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)
  
  * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)
  
  * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  
  * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)
  
  * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)
  
  * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)
  
  * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)
  
  * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)
  
  * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  
  * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)
  
  * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)
  
  * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)
  
  * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)
  
  * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)
  
  * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)
  
  * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)
  
  * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)
  
  * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)
  
  * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)  
    [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)
  
  * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)
  
  * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)
  
  * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)
  
  * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)
  
  * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)
  
  * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown)
  
  * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)
  
  * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown)
  
  * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)
  
  * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown)
  
  * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  
  * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* Solutions  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions  
  Secure AI by Design
  
  * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)  
    Network Security
  * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown)
  * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown)
  * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown)
  * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown)
  * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown)
  * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown)
  * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown)
  * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)  
    Cloud Security
  * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown)
  * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown)
  * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown)
  * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown)
  * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown)
  * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown)
  * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown)
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown)
  * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown)  
    Security Operations
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown)
  * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown)
  * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown)
  * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown)
  * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown)
  * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown)
  * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown)
  * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown)
  * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown)
  * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown)  
    Endpoint Security
  * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown)
  * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown)
  * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown)
  * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown)  
    [Industries](https://www.paloaltonetworks.com/industry?ts=markdown)
  * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown)
  * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown)
  * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown)
  * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown)
  * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown)

* Services  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services  
  [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)
  
  * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)
  
  * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown)
  
  * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown)
  
  * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown)
  
  * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown)
  
  * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown)
  
  * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown)
  
  * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown)
  
  * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown)
  
  * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown)
  
  * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown)
  
  * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown)
  
  * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown)
  
  * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown)
  
  * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)
  
  * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown)
  
  * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown)
  
  * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown)
  
  * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown)
  
  * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown)
  
  * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)
  
  * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown)
  
  * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown)
  
  * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown)
  
  * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown)  
    [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown)
  
  * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown)
  
  * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown)
  
  * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown)
  
  * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown)
  
  * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown)  
    [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg)  
    UNIT 42 RETAINER
    Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial.
    Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)

* Partners  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners  
  NextWave Partners
  
  * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown)
  * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown)
  * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown)
  * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown)
  * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown)
  * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown)
  * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown)
  * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown)  
    Take Action
  * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown)
  * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown)
  * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner)
  * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess)
  * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator)  
    [CYBERFORCE
    CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise.
    Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown)

* Company  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company  
  Palo Alto Networks
  
  * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
  * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown)
  * [Investor Relations](https://investors.paloaltonetworks.com)
  * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
  * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown)
  * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
  * [Military \& Veterans](https://jobs.paloaltonetworks.com/military)  
    [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown)
  * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown)
  * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown)
  * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown)
  * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown)
  * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown)
  * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
  * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown)  
    Careers
  * [Overview](https://jobs.paloaltonetworks.com/)
  * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/)  
    [A Newsweek Most Loved Workplace
    "Businesses that do right by their employees"
    Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown)

* More  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More  
  Resources
  
  * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
  * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/)
  * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
  * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
  * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
  * [Tech Insider](https://techinsider.paloaltonetworks.com/)
  * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/)
  * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/)
  * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown)
  * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown)
  * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown)
  * [Tech Docs](https://docs.paloaltonetworks.com/)
  * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown)
  * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
  * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown)  
    Connect
  * [LIVE community](https://live.paloaltonetworks.com/)
  * [Events](https://events.paloaltonetworks.com/)
  * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown)
  * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown)
  * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)  
    [Blog
    Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity
    Learn more](https://www.paloaltonetworks.com/blog/)

* Sign In  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)

* [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown)  
  Search  
  All

* [Tech Docs](https://docs.paloaltonetworks.com/search)  
  Close search modal
  [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com)  
  [](https://www.paloaltonetworks.com/?ts=markdown)

1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
2. [Data Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown)
3. [What Are HIPAA Security Rules?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules?ts=markdown)  
   Table of Contents

* [What Is Cybersecurity Compliance?](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations?ts=markdown)
  * [Three Pillars of Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#pillars?ts=markdown)
  * [Understanding Cybersecurity Compliance](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#understanding?ts=markdown)
  * [Key Security Compliance Frameworks and Regulations](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#key?ts=markdown)
  * [Building an Effective Cybersecurity Compliance Program](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#building?ts=markdown)
  * [The Future of Cybersecurity Compliance: AI and Emerging Trends](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#future?ts=markdown)
  * [Cybersecurity Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/cybersecurity-compliance-and-regulations#faqs?ts=markdown)
* [What Is Healthcare Cybersecurity?](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity?ts=markdown)
  * [Why Is Cybersecurity Important to Healthcare](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#important?ts=markdown)
  * [Elements of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#elements?ts=markdown)
  * [HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#security?ts=markdown)
  * [Healthcare Data Breaches](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#breaches?ts=markdown)
  * [Healthcare Business Continuity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#business?ts=markdown)
  * [Protected Healthcare Information](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#healthcare?ts=markdown)
  * [Key Challenges in Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#challenges?ts=markdown)
  * [Healthcare Cybersecurity Strategies and Solutions](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#strategies?ts=markdown)
  * [The Future of Healthcare Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#future?ts=markdown)
  * [Healthcare Cybersecurity FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity#faqs?ts=markdown)
* [What Is GDPR Compliance?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown)
  * [What Is GDPR?](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#what?ts=markdown)
  * [GDPR \& Data Sovereignty](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#sovereignty?ts=markdown)
  * [Key Principles of the GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#key?ts=markdown)
  * [GDPR Requirements](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#gdpr?ts=markdown)
  * [GDPR FAQs](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance#faqs?ts=markdown)
* [What Is Personal Data?](https://www.paloaltonetworks.com/cyberpedia/personal-data?ts=markdown)
  * [Personal Data Explained](https://www.paloaltonetworks.com/cyberpedia/personal-data#personal?ts=markdown)
  * [Personal Data Across Various Legislations](https://www.paloaltonetworks.com/cyberpedia/personal-data#data?ts=markdown)
  * [Understanding Identifiability](https://www.paloaltonetworks.com/cyberpedia/personal-data#understanding?ts=markdown)
  * [Important Factors When Determining Personal Data](https://www.paloaltonetworks.com/cyberpedia/personal-data#important?ts=markdown)
  * [How Is Understanding Personal Data Beneficial?](https://www.paloaltonetworks.com/cyberpedia/personal-data#how?ts=markdown)
  * [Personal Data Security Tools](https://www.paloaltonetworks.com/cyberpedia/personal-data#tools?ts=markdown)
  * [Personal Data FAQs](https://www.paloaltonetworks.com/cyberpedia/personal-data#faqs?ts=markdown)
* [What Is HIPAA?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown)
  * [Is Your Organization HIPAA Compliant?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#compliant?ts=markdown)
  * [Understanding HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#understanding?ts=markdown)
  * [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#protected?ts=markdown)
  * [HIPAA: Breach Notification](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#breach?ts=markdown)
  * [HIPAA Privacy Rule: The Standard of Minimum Necessary](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#privacy?ts=markdown)
  * [The Security Rule: Safeguarding Electronic Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#security?ts=markdown)
  * [OCR Audit Protocol](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#ocr?ts=markdown)
  * [HIPAA for Big Tech and Startups](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#big-tech?ts=markdown)
  * [HIPAA Compliance Tips for DevOps and AppSec Practitioners](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#devops?ts=markdown)
  * [HIPAA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa#faqs?ts=markdown)
* [What Is Sensitive Data?](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown)
  * [Sensitive Data Explained](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#sensitive?ts=markdown)
  * [Understanding the Types of Sensitive Data](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#understanding?ts=markdown)
  * [Navigating the Landscape of Data Privacy Regulations](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#navigating?ts=markdown)
  * [Sensitive Data Protection: Best Practices](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#best-practices?ts=markdown)
  * [Sensitive Data FAQs](https://www.paloaltonetworks.com/cyberpedia/sensitive-data#faqs?ts=markdown)
* [What Is SOC 2 Compliance?](https://www.paloaltonetworks.com/cyberpedia/soc-2?ts=markdown)
  * [SOC 2 Explained](https://www.paloaltonetworks.com/cyberpedia/soc-2#soc?ts=markdown)
  * [Why SOC 2 Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/soc-2#why?ts=markdown)
  * [SOC 2 Requirements](https://www.paloaltonetworks.com/cyberpedia/soc-2#requirements?ts=markdown)
  * [Who Can Perform a SOC Audit?](https://www.paloaltonetworks.com/cyberpedia/soc-2#who?ts=markdown)
  * [SOC 2 Audit Checklist](https://www.paloaltonetworks.com/cyberpedia/soc-2#checklist?ts=markdown)
  * [SOC 1 Vs. SOC 2](https://www.paloaltonetworks.com/cyberpedia/soc-2#vs?ts=markdown)
  * [SOC 2 FAQs](https://www.paloaltonetworks.com/cyberpedia/soc-2#faqs?ts=markdown)
* [What Is Healthcare Business Continuity?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare?ts=markdown)
  * [Why Is Business Continuity Important to Healthcare?](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#important?ts=markdown)
  * [Potential Disruptions to Healthcare Organizations' Continuity](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#potential?ts=markdown)
  * [The Growing Threat of Ransomware in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#ransomware?ts=markdown)
  * [Why Healthcare Is a Prime Target for Cyberattacks](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#target?ts=markdown)
  * [How Healthcare Business Continuity Directly Impacts Lives](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#healthcare?ts=markdown)
  * [Costs of Downtime in the Healthcare Sector](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#costs?ts=markdown)
  * [How to Ensure Business Continuity in Healthcare](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#business?ts=markdown)
  * [Benefits of Business Continuity Planning](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#planning?ts=markdown)
  * [Healthcare Business Continuity FAQs](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare#faqs?ts=markdown)
* What Are HIPAA Security Rules?
  * [Why Is the HIPAA Security Rule Important?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#why?ts=markdown)
  * [Overview of the HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#overview?ts=markdown)
  * [HIPAA Security Rule Requirements](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#requirements?ts=markdown)
  * [The HIPAA Breach Notification Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#breach-notification-rule?ts=markdown)
  * [HIPAA Compliance and Enforcement](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#compliance-and-enforcement?ts=markdown)
  * [Best Practices for HIPAA Compliance](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#best-practices?ts=markdown)
  * [Potential Trends in HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#trends?ts=markdown)
  * [HIPAA Security Rule FAQs](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#faq?ts=markdown)
* [What Is Protected Health Information (PHI)?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown)
  * [Why Is Protected Health Information (PHI) Important?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#important?ts=markdown)
  * [Examples of Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#protected?ts=markdown)
  * [What Is ePHI?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#ephi?ts=markdown)
  * [Securing Protected Health Information](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#securing?ts=markdown)
  * [What Is a PHI Breach?](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#breach?ts=markdown)
  * [Evolving Landscape: Emerging Technologies and PHI Security](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#landscape?ts=markdown)
  * [Protected Health Information (PHI) FAQs](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi#faqs?ts=markdown)
* [What Is the California Consumer Privacy Act (CCPA)?](https://www.paloaltonetworks.com/cyberpedia/ccpa?ts=markdown)
  * [California Consumer Privacy Act (CCPA) Explained](https://www.paloaltonetworks.com/cyberpedia/ccpa#ccpa?ts=markdown)
  * [How Does the CCPA Define Personal Information?](https://www.paloaltonetworks.com/cyberpedia/ccpa#how?ts=markdown)
  * [CCPA Vs. GDPR](https://www.paloaltonetworks.com/cyberpedia/ccpa#compare?ts=markdown)
  * [Container Firewall FAQs](https://www.paloaltonetworks.com/cyberpedia/ccpa#faq?ts=markdown)
* [An Overview of FedRAMP and Why You Should Care About It](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview?ts=markdown)
  * [Advantages of FedRAMP for Federal Agencies](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#advantages?ts=markdown)
  * [Other Parties That May Be Interested in FedRAMP](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#other?ts=markdown)
  * [More Information](https://www.paloaltonetworks.com/cyberpedia/fedramp-overview#more?ts=markdown)
* [What Is Data Governance?](https://www.paloaltonetworks.com/cyberpedia/data-governance?ts=markdown)
  * [Data Governance Explained](https://www.paloaltonetworks.com/cyberpedia/data-governance#data?ts=markdown)
  * [Why Data Governance Matters](https://www.paloaltonetworks.com/cyberpedia/data-governance#why?ts=markdown)
  * [The Benefits of Data Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#benefits?ts=markdown)
  * [Enterprise Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#enterprise?ts=markdown)
  * [Cloud Data Governance Challenges](https://www.paloaltonetworks.com/cyberpedia/data-governance#cloud?ts=markdown)
  * [Data Governance Strategy](https://www.paloaltonetworks.com/cyberpedia/data-governance#data-governance?ts=markdown)
  * [Building a Strong Data Governance Framework](https://www.paloaltonetworks.com/cyberpedia/data-governance#building?ts=markdown)
  * [Data Governance Best Practices: Tips and Strategies](https://www.paloaltonetworks.com/cyberpedia/data-governance#best-practices?ts=markdown)
  * [Securing Data Access: The Importance of Data Access Governance](https://www.paloaltonetworks.com/cyberpedia/data-governance#securing?ts=markdown)
  * [Unlock the Full Potential of Your Data with Comprehensive Data Governance Capabilities](https://www.paloaltonetworks.com/cyberpedia/data-governance#unlock?ts=markdown)
  * [Data Governance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-governance#faqs?ts=markdown)
* [What is the Difference between FISMA and FedRAMP?](https://www.paloaltonetworks.com/cyberpedia/difference-between-fisma-and-fedramp?ts=markdown)
* [Simplified Healthcare Compliance and Risk Management with Prisma Cloud](https://www.paloaltonetworks.com/cyberpedia/simplified-healthcare-compliance-and-risk-management-with-prisma-cloud?ts=markdown)
* [What Is Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy?ts=markdown)
  * [Data Privacy Explained](https://www.paloaltonetworks.com/cyberpedia/data-privacy#data?ts=markdown)
  * [Why Is Data Privacy Crucial for Businesses and Consumers?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#why?ts=markdown)
  * [What Are the Use Cases for Data Privacy?](https://www.paloaltonetworks.com/cyberpedia/data-privacy#what?ts=markdown)
  * [‍Data Privacy FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy#faqs?ts=markdown)
* [How to Maintain AWS Compliance](https://www.paloaltonetworks.com/cyberpedia/how-to-maintain-aws-compliance?ts=markdown)
* [What Is Data Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown)
  * [Data Compliance Explained](https://www.paloaltonetworks.com/cyberpedia/data-compliance#data?ts=markdown)
  * [Why Is Data Compliance Important?](https://www.paloaltonetworks.com/cyberpedia/data-compliance#why?ts=markdown)
  * [Cloud Challenges Data Compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance#cloud?ts=markdown)
  * [Data Compliance Varies Across Industries](https://www.paloaltonetworks.com/cyberpedia/data-compliance#varies?ts=markdown)
  * [Meeting Data Compliance Standards](https://www.paloaltonetworks.com/cyberpedia/data-compliance#meeting?ts=markdown)
  * [Data Compliance FAQs](https://www.paloaltonetworks.com/cyberpedia/data-compliance#faqs?ts=markdown)
* [What Is NIST?](https://www.paloaltonetworks.com/cyberpedia/nist?ts=markdown)
  * [NIST Explained](https://www.paloaltonetworks.com/cyberpedia/nist#nist?ts=markdown)
  * [The NIST Secure Software Development Framework (SSDF)](https://www.paloaltonetworks.com/cyberpedia/nist#the?ts=markdown)
  * [What Do Nist Guidelines Cover?](https://www.paloaltonetworks.com/cyberpedia/nist#what?ts=markdown)
  * [CSF Vs. SSDF](https://www.paloaltonetworks.com/cyberpedia/nist#vs?ts=markdown)
  * [‍NIST FAQs](https://www.paloaltonetworks.com/cyberpedia/nist#faqs?ts=markdown)
* [What Is Data Privacy Compliance?](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance?ts=markdown)
  * [Database Security in Public Clouds](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#database?ts=markdown)
  * [Elements of Database Security](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#elements?ts=markdown)
  * [Database Security: 8 Best Practices](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#security?ts=markdown)
  * [Database Security FAQs](https://www.paloaltonetworks.com/cyberpedia/data-privacy-compliance#faqs?ts=markdown)
* [How The Next-Generation Security Platform Contributes to GDPR Compliance](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance?ts=markdown)
  * [Data Breach Prevention](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#data?ts=markdown)
  * [Managing Security Processes Centrally](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#managing?ts=markdown)
  * [Preventing Data Exfiltration or Leakage](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#preventing?ts=markdown)
  * [Data Breach Notification](https://www.paloaltonetworks.com/cyberpedia/how-the-next-generation-security-platform-contributes-to-gdpr-compliance#breach?ts=markdown)
* [What Is PCI DSS?](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown)
  * [PCI DSS Explained](https://www.paloaltonetworks.com/cyberpedia/pci-dss#pci?ts=markdown)
  * [Why PCI DSS Compliance Is Important](https://www.paloaltonetworks.com/cyberpedia/pci-dss#why?ts=markdown)
  * [PCI DSS Requirements](https://www.paloaltonetworks.com/cyberpedia/pci-dss#dss?ts=markdown)
  * [Technical Best Practices for PCI DSS Compliance](https://www.paloaltonetworks.com/cyberpedia/pci-dss#technical?ts=markdown)
  * [Preparing for a PCI DSS Assessment](https://www.paloaltonetworks.com/cyberpedia/pci-dss#preparing?ts=markdown)
  * [PCI DSS FAQs](https://www.paloaltonetworks.com/cyberpedia/pci-dss#faqs?ts=markdown)
* [What Is PII?](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown)
  * [Personally Identifiable Information (PII) Explained](https://www.paloaltonetworks.com/cyberpedia/pii#personally?ts=markdown)
  * [Why Is PII Important?](https://www.paloaltonetworks.com/cyberpedia/pii#why?ts=markdown)
  * [PII Worldwide](https://www.paloaltonetworks.com/cyberpedia/pii#pii?ts=markdown)
  * [Personal Data Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#vs?ts=markdown)
  * [PHI Vs. PII](https://www.paloaltonetworks.com/cyberpedia/pii#phi?ts=markdown)
  * [PII Security Best Practices](https://www.paloaltonetworks.com/cyberpedia/pii#best?ts=markdown)
* [PII FAQs](https://www.paloaltonetworks.com/cyberpedia/pii#faqs?ts=markdown)

# What Are HIPAA Security Rules?

5 min. read  
Table of Contents

* * [Why Is the HIPAA Security Rule Important?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#why?ts=markdown)
  * [Overview of the HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#overview?ts=markdown)
  * [HIPAA Security Rule Requirements](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#requirements?ts=markdown)
  * [The HIPAA Breach Notification Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#breach-notification-rule?ts=markdown)
  * [HIPAA Compliance and Enforcement](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#compliance-and-enforcement?ts=markdown)
  * [Best Practices for HIPAA Compliance](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#best-practices?ts=markdown)
  * [Potential Trends in HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#trends?ts=markdown)
* [HIPAA Security Rule FAQs](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#faq?ts=markdown)

1. Why Is the HIPAA Security Rule Important?

* * [Why Is the HIPAA Security Rule Important?](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#why?ts=markdown)
  * [Overview of the HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#overview?ts=markdown)
  * [HIPAA Security Rule Requirements](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#requirements?ts=markdown)
  * [The HIPAA Breach Notification Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#breach-notification-rule?ts=markdown)
  * [HIPAA Compliance and Enforcement](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#compliance-and-enforcement?ts=markdown)
  * [Best Practices for HIPAA Compliance](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#best-practices?ts=markdown)
  * [Potential Trends in HIPAA Security Rule](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#trends?ts=markdown)
* [HIPAA Security Rule FAQs](https://www.paloaltonetworks.com/cyberpedia/hipaa-security-rules#faq?ts=markdown)  
  The Security Rule of the [Health Insurance Portability and Accounting Act (HIPAA)](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) was enacted in 2005, nine years after the U.S. Congress passed HIPAA. According to the U.S. Department of Health and Human Services, the Security Rule establishes national standards to protect individuals' electronic personal health information created, received, used, or maintained by a covered entity.

The Security Rule is a subset of the HIPAA Privacy Rule, which provides standards for securing protected health information (PHI).

## Why Is the HIPAA Security Rule Important?

Before HIPAA was enacted, there were no standards, requirements, or processes for protecting patients' health information. As care delivery became increasingly digitized, providers had to capture, store, share, and protect fast-growing volumes of electronic health data in their systems.

The Security Rule was a key step forward for protecting digital information, which is essential to ensure confidentiality and establish trust between patients and providers.  
![Video 1: Cybersecurity for the changing world of healthcare](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/cybersecurity-for-the-changing-world-of-healthcare.png)

*Video 1: Cybersecurity for the changing world of healthcare*

close

## Overview of the HIPAA Security Rule

The Security Rule establishes standards for the protection of patients' PHI and [personally identifiable information (PII)](https://www.paloaltonetworks.com/cyberpedia/pii?ts=markdown). It also creates a framework for regulatory compliance to protect PII and rules regarding notification of affected individuals in the event of a breach.

### Purpose and Scope

According to the HHS, the Security Rule is designed to ensure that covered entities establish necessary safeguards to protect patient healthcare data and PII. This is in response to the exponential growth of PHI between both covered entities and noncovered entities.

The scope of the Security Rule is quite expansive, covering health plans, healthcare clearinghouses, and any healthcare provider who transmits health information.

### 4 Main Objectives

**1. Ensure confidentiality of electronic PHI (ePHI).**

As more patient data becomes available in digital formats, protecting ePHI is an absolute requirement.

**2. Identify and protect against reasonably anticipated threats.**

While not all cyberthreats can be identified in advance, covered entities are responsible to protect patients' information against threats already in play.

**3. Protect against impermissible uses or disclosures.**

This is important for providers because it covers technology tools, people, and processes.

**4. Ensure compliance by the covered entity's workforce.**

All members of covered entities must take the proper safeguards to ensure patient data privacy and security. This means covered entities need to educate employees on Security Rule requirements and train them on ensuring compliance.

## HIPAA Security Rule Requirements

The Security Rule requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information (PHI).

### 1. Administrative Safeguards

Administrative safeguards are intended to pinpoint and determine potential risks to PHI, and to put in place steps that reduce security risks and vulnerabilities. They also mandate that a security official be required to develop and implement the covered entity's security rules and procedures. Providers also are required to regularly assess how effective their security guidelines are performing in meeting guidelines under the HIPAA Security Rule.

### 2. Physical Safeguards

Physical safeguards cover issues such as limiting unauthorized physical access to facilities, while still allowing authorized access to take place. Covered entities also are required to deploy policies and procedures covering proper handling of electronically stored data and electronic media containing PII and PHI.

### 3. Technical Safeguards

Technical safeguards are designed to put in place the right technical policies that ensure that only properly authorized persons can access digital records and other electronic information. This covers not only the hardware, software, and services required to capture, store, and manage healthcare and medical records, but also the security credentials and authentication procedures that govern access.

They also include encryption and other technologies designed to safeguard against improper access to PHI and ePHI over a digital network.

## The HIPAA Breach Notification Rule

HHS defines a data breach as an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of PHI. Preventing breaches is an unquestioned priority for care delivery organizations for a wide range of reasons. However, in the event a breach does occur, the HIPAA Breach Notification Rule mandates that HIPAA-covered entities and their business associates provide notification following a breach of unsecured PHI.

In the event of a breach of unsecured PHI, covered entities must notify affected individuals about the breach. That notification typically is made either by sending physical mail or, if a patient has opted to receive correspondence from the covered entity by electronic media, the alert may be made via email.

Covered entities also must alert the HHS Secretary to the breach, and, in some cases, may have to notify media outlets. Additionally, third-party business associates must similarly alert affected individuals if the breach occurs at or by the business associate.

## HIPAA Compliance and Enforcement

The HHS Office for Civil Rights oversees HIPAA compliance and enforcement for most HIPAA-covered entities. Because it is considered a law enforcement agency, most of the activities undertaken by the Office of Civil Rights are private and typically not publicized.

Compliance-related provisions are part of the HIPAA Enforcement Rule, which covers investigations, potential civil monetary penalties for violations, and procedures for hearings.

## Best Practices for HIPAA Compliance

Covered entities should adopt smart business, technological, and operational practices to ensure that they are fully HIPAA-compliant at all times. These should cover steps such as risk assessment, monitoring of potentially unusual system activity, developing clear roles and responsibilities, and testing procedures in the event of an ePHI data breach.

Of course, putting in place the right technology tools, applications, and services is key to building the proper HIPAA compliance framework.

HHS also provides valuable tools to help covered entities understand best practices for HIPAA compliance. The Office for Civil Rights has produced a video presentation for HIPAA covered entities and business associates on "recognized security practices." Topics include:

* The 2021 HITECH Amendment regarding recognized security practices
* How regulated entities can demonstrate recognized security practices are in place
* How OCR is requesting evidence of recognized security practices
* Resources for information about recognized security practices
* OCR's answers to questions on recognized security practices  
  ![OCR Recognized Security Practices Video Presentation](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ocr-recognized-security-practices-video.png)

*Video 2: OCR Recognized Security Practices Video Presentation*

close

Internal training with employees --- practitioners, medical staff, IT, cybersecurity, and all line-of-business employees --- should be part of a regular regimen to ensure the entire organization takes the right steps to secure ePHI and PII.

## Potential Trends in HIPAA Security Rule

Since it was first enacted, HIPAA has been a dynamic piece of legislation, regularly undergoing updates and expansions to reflect the changes in the healthcare industry and its increased use of digital technology. Some of the key areas that decision-makers at covered entities must understand and account for are:

### 1. Strengthened Cybersecurity Measures

Because of the ever-evolving threat landscape, healthcare organizations should put in place the budgets, processes, expertise, and tools in place to defend the organization against fast-emerging threats.

### 2. Emerging Technologies

Next-generation firewalls, anti-ransomware tools, threat intelligence services, [cloud security](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cloud-security?ts=markdown), identity management, managed detection and response, endpoint security, and [internet of medical things (IoMT) security](https://www.paloaltonetworks.com/cyberpedia/what-is-iomt-security?ts=markdown) are essential elements of a wider cybersecurity technology framework.

### 3. Enhanced Data Privacy and Consent

Healthcare organizations are increasingly tasked to comply with stronger data privacy and consent regulations, such as the [General Data Protection Regulation (GDPR)](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) in the EU and similar regulations currently in place across the US.

### 4. Third-Party Vendor Management

Business associates --- persons or entities that perform functions using or disclosing PHI on behalf of a covered entity --- must also comply with the Security Rule. Providers must regularly and routinely monitor how business associates and other third parties are interacting with PHI and PII, and that they are following appropriate guidelines for the handling and protection of that data.

### 5. Increased Collaboration and Information Sharing.

Just as [HIPAA](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) regulations in general, and the Security Rule specifically, are ever-changing, so are the steps necessary to ensure compliance and the confidentiality of patient data.

The dramatic increase in the use of specialized healthcare delivery means that patient information is being shared with greater frequency and with a wider array of systems. This increases the potential for breaches and regulatory problems, prompting organizations to find more ways to collaborate to protect patient data, especially in interconnected healthcare delivery processes.

The diverse nature of care continuity --- hospitals, acute care facilities, urgent care, doctors offices, ambulatory care, and telemedicine --- means that this trend toward greater collaboration among providers is especially mission critical.

Learn about how Palo Alto Networks is the cybersecurity leader of choice for hospitals and health systems worldwide. Visit [www.paloaltonetworks.com/healthcare](https://www.paloaltonetworks.com/healthcare?ts=markdown).

## HIPAA Security Rule FAQs

### How does cybersecurity impact the HIPAA Security Rule?

Cyberattacks on healthcare organizations threaten to disrupt operations and impact patient privacy. The HIPAA Security Rule ensures that every hospital and health system has a robust cybersecurity environment that prevents confidential information from being compromised.

### What cybersecurity solution is best to comply with the HIPAA Security Rule?

The HIPAA Security Rule allows organizations to choose their own cybersecurity vendors and solutions, so every approach will be different. However, we suggest an end-to-end approach that protects your entire environment, such as [cybersecurity consolidation](https://www.paloaltonetworks.com/cyberpedia/what-is-cybersecurity-consolidation?ts=markdown), which covers all of your bases, including networks, clouds, endpoints, devices, and users.

### Is cybersecurity essential for HIPAA compliance?

Cybersecurity is absolutely essential for HIPAA compliance. But more importantly, a robust approach to cybersecurity ensures that breaches and disruptions don't occur, and organizations never have to notify affected parties or the HHS of a breach.
Related Content  
[What Is Healthcare Cybersecurity?
The threat landscape is changing, and healthcare is particularly vulnerable. Here is everything you need to know about cybersecurity in healthcare.](https://www.paloaltonetworks.com/cyberpedia/what-is-healthcare-cybersecurity?ts=markdown)  
[Healthcare Cybersecurity: 3 Trends to Watch in 2024
From remote care to connected devices, these cybersecurity trends are shaping digital transformation in healthcare.](https://www.paloaltonetworks.com/blog/2024/01/healthcare-cybersecurity-trends/)  
[3 Priorities for Healthcare Cybersecurity in 2024
Healthcare CISOs have an opportunity to transform their cybersecurity and enable cyber resilience in 2024. Here is how to do it.](https://www.paloaltonetworks.com/engage/x-portfolio-healthcare/cybersecurity-transformation)  
[Secure Digital Transformation in Healthcare
The healthcare industry is evolving, and so are cyberattacks. Protect patient data and stay ahead of threats.](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown)  
![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Are%20HIPAA%20Security%20Rules%3F&body=Learn%20about%20the%20essential%20HIPAA%20security%20rules%20and%20regulations%2C%20discover%20how%20to%20protect%20sensitive%20patient%20information%2C%20understand%20compliance%20requirements%2C%20and%20implement%20robust%20safeguards.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/hipaa-security-rules)  
Back to Top  
[Previous](https://www.paloaltonetworks.com/cyberpedia/business-continuity-for-healthcare?ts=markdown) What Is Healthcare Business Continuity?  
[Next](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown) What Is Protected Health Information (PHI)?  
{#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2025 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language