The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law designed to protect the privacy and security of individuals' medical information. HIPAA compliance is mandatory for healthcare providers, health plans, and healthcare clearinghouses, as well as their business associates who handle protected health information (PHI).