Thought Leadership & Insights | Cloudticity

HIPAA, HITECH and HITRUST in Healthcare IT | Cloudticity

Written by Electronic Health Reporter | Aug 11, 2023 4:57:29 PM

Cloudticty’s Gerry Miller recently wrote an article for ELECTRONIC HEALTH REPORTER explaining that there is no such thing as a “HIPAA certification” to prove compliance, which any organization dealing with personal health information (PHI) must do —  “even if you are just a subcontracting service provider.”

However, he notes, “HITRUST certification establishes that a company or institution is HIPAA compliant because the HIPAA requirements are embedded in the HITRUST CSF. And subsequent to the Final Omnibus Rule, the ongoing digital revolution, and the explosion of everything-as-a-service, an increasing number of hospitals, health institutions, and healthcare companies require their vendors to be HITRUST certified (so it might as well be mandatory).” 

To see the breakdown of HIPAA, HITECH, and HITRUST in Healthcare IT, read the full article here.