Privacy and security of health information is a global concern. However, this chapter will focus on approaches to security in the United States. In particular, the federal regulation of security in the form of the Security Rule will be studied. The HIPAA Security Rule details the system and administrative requirements that a covered entity must meet in order to assure that health information is safe from people without authorization for its access. By contrast, the Privacy Rule describes the requirements that govern the circumstances under which protected health information must be used or disclosed with and without patient involvement and when a patient may have access to his or her protected health information. The implementation of reasonable and appropriate security measures supports compliance with the Privacy Rule.