Official Site: https://qualysec.com/ 

HIPAA was written in the United States under the Health Insurance Portability and Accountability Act of 1996. It sets certain legal standards to safeguard Protected Health Information (PHI)—from an individual’s medication and diagnosis history to laboratory test results and insurance information. At Qualysec, we advise organizations through the complexity of global cybersecurity and compliance laws applicable to them, including HIPAA, GDPR, SOC 2, ISO 27001, etc. 

Source Link: https://qualysec.com/hipaa-compliance-in-uk/ 

Even though HIPAA is an American regulation, its applicability and influence are expanding into and beyond the United Kingdom, and for UK organizations with U.S. health consumers or private health information, the relevance of this legislation extends across the water – not that it is practical to ignore it. We can assist organizations with their due diligence to exhibit security readiness, including automation-based audits, gap analysis, and policy writing etc. 

Patient information is a major target for cybercriminals, and healthcare enterprises are under a lot of pressure. Medical records are a goldmine for malicious actors, given they can provide everything from patient diagnosis to enrollment and insurance information (and everything else that comes with protecting patient health information (PHI). Even the slightest slip in maintaining controls can have major implications for healthcare organizations, which may include financial damage, legal damages, and a breakdown in trust with patients. Protecting patient information is not just regulatory, it is ethical and a duty of care to people who depend on your care.