The Privacy Rule's canonical keys overlap heavily with GDPR — if you already have GDPR seeded, HIPAA mostly adds the addressable/required implementation specifications, the Notice of Privacy Practices, and the Breach Notification Rule workflow on top.
For covered entities and business associates handling Protected Health Information in the US.