Get Started Today!  (954) 834-2800

croom new

KB Technologies Managed IT Blog

How Does HITRUST Tie Back to HIPAA?

How Does HITRUST Tie Back to HIPAA?

Any organization that holds medical records or other healthcare-related sensitive data needs to consider legislation and organizations that govern the privacy of those records. In this case, we are referring to HIPAA, the Health Insurance Portability and Accountability Act, and HITRUST, the Health Information Trust Alliance. These two acronyms are incredibly important for healthcare providers in the United States to understand.

Since August of 1996, HIPAA has mandated that all healthcare providers adhere to certain best practices. Thus, HIPAA is the regulatory framework, whereas HITRUST is more of an organization rather than a set of standards. HITRUST actually developed its own framework known as Common Security Framework, or CSF, which assists businesses in ensuring compliance with HIPAA. They don’t stop there, though; HITRUST helps with compliance for other guidelines and regulations, including PCI, DSS, and NIST.

What is HIPAA?

HIPAA is legislation that establishes several requirements that healthcare organizations and their partners must comply with. Some of these requirements have been expanded upon by updates to the legislation, such as the HIPAA Omnibus Rule, so that the requirements set forth by the HITECH (Health Information Technology for Economic and Clinical Health) Act, are better integrated into the regulations.

What Does HITRUST Do?

HITRUST is a coalition that integrates tenets set forth by HIPAA into its own CSF. By doing so, it makes adhering to the requirements of HIPAA much more actionable and, therefore, easier to implement as a whole.

How Do These Two Coexist?

The HITRUST CSF takes what HIPAA outlines and builds a standardized framework and certification process for the healthcare industry to follow. It also takes what HIPAA requires and integrates them with other compliances and frameworks which, in a way, makes HITRUST more difficult to adhere to. To put it simply, HIPAA is the set of rules that healthcare providers, organizations, and affiliated businesses must stick to, whereas HITECH provides them with the tools and resources needed to make it happen.  Therefore, they are both quite important to consider for any organization that falls into these categories.

How Do You Keep Your Business Compliant?

It is clear that keeping your business compliant with these types of regulations is far from clear, as there are countless security protocols and protections that must be considered. KB Technologies Managed IT can help your business implement these systems so that you can avoid becoming subject to fines and violations. Find out how you can keep your organization compliant by reaching out to us at (954) 834-2800.

Tired Of Annoying Computer Problems That Keep Coming Back?

Workstations Can Come Several Different Ways
Tip of the Week: Optimize Security By Disabling Br...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, June 23 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Reach Out Today!

Mobile? Grab this Article!

QR-Code dieser Seite

Latest Blog

Ransomware is a threat that has seen exponential growth in recent years. We have witnessed it grow from a minor annoyance to a considerable global threat. Even the U.S. Justice Department has issued a declaration that they would begin investigating ransomware in much the sam...

Latest News

KB Technologies Managed IT is proud to announce the launch of our new website at The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...