
Understanding the Relationship Between HIPAA and HITRUST

HIPAA, the Health Insurance Portability and Accountability Act, is a concern for healthcare providers that work within the US, and for good reason. Beginning in August 1996, it mandates that healthcare providers comply with various best practices and security standards. While many people know this common acronym, far fewer know about HITRUST, the Health Information Trust Alliance, or how the two rely on one another to uphold healthcare systems.

Let’s first talk about the major differences between the two. Although you might think they are, HITRUST and HIPAA are not both regulatory frameworks. HIPAA very much is one, but HITRUST is an organization that has its own framework, the Common Security Framework (CSF), which helps businesses comply with HIPAA, PCI, NIST, DSS, and other types of regulations.

What is HIPAA? (Health Insurance Portability and Accountability Act)
Since it was signed into action in August of 1996, HIPAA has regulated the requirements that healthcare organizations and their partners must adhere to. These requirements were expanded further by the HIPAA Omnibus Rule, which integrates the demands of the HITECH (Health Information Technology for Economic and Clinical Health) Act.

What Does the Health Information Trust Alliance Do?
HITRUST is a coalition that works to bring HIPAA regulations into its own CSF. To give the HITRUST CSF more accountability and portability, it established requirements that align with HIPAA mandates.

How Do These Two Acronyms Coexist?
The HITRUST CSF builds on HIPAA, creating a standardized framework and certification process that is integrated with the demands of HIPAA as they are passed down by other compliance requirements and frameworks. In many ways, HITRUST is the larger challenge to comply with.

While HIPAA lays out the rules that healthcare providers, affiliated businesses, and organizations need to follow, HITECH gives them the solutions and strategies to do so. Both are very important for any business in the healthcare field that wants to avoid considerable challenges and fines.

Do You Need Assistance in Keeping Your Business Compliant?
With all of the different protections and protocols you need to keep track of, it can be difficult to stay completely compliant. MyTek can help your business do so by handling all of the technical parts for you. Learn more about healthcare-related solutions by giving MyTek a call today at 623-312-2440.
