shieldCISSP Practice Domain 1 — Security and Risk Management Q46 of 120

Under HIPAA, which rule specifies safeguards for electronic protected health information (ePHI)?

A CISSP practice question covering Domain 1: Security and Risk Management. Try answering before reading the explanation below.

▶ Show options & answer

Privacy Rule

Security Rule

✓ Correct answer

Breach Notification Rule

Enforcement Rule

Why "Security Rule" is the right answer

The HIPAA Security Rule mandates administrative, physical, and technical safeguards for ePHI. The Privacy Rule covers PHI generally. Breach Notification governs disclosure obligations.

Study videos for this topic

Want to go deeper on Domain 1? Watch the full breakdown — every video is free, no account, no upsell.

CISSP Domain 1: Ethics & the 5 Pillars (Canon Order)

Domain 1 — Security and Risk Management

CISSP Domain 1: Governance, Roles & Due Care (2026)

Domain 1 — Security and Risk Management

CISSP Domain 1: Laws, IP & GDPR (Compliance)

Domain 1 — Security and Risk Management

CISSP Domain 1: Investigation Types & Security Docs

Domain 1 — Security and Risk Management

Take the full CISSP practice test

120 questions, instant explanations, study-video links on every miss. No account.

Start full test →

Under HIPAA, which rule specifies safeguards for electronic protected health information (ePHI)?

Study videos for this topic

Other practice tests