If your organization works in the healthcare industry, you are likely aware of the Health Insurance Portability and Accountability Act (HIPAA). This US legislation requires healthcare organizations to secure the patient data or protected health information (PHI) they handle against unlawful use and sharing.