Can you explain the difference between the HIPAA Security Final Rule and the meaningful use final rule? What does each require and how are they different?
The HIPAA Security Final Rule and the meaningful use rule are two different sets of requirements that may apply in different situations. Depending upon your organization's role in the health care process and the types of information you handle, one or both may apply to your organization.
The HIPAA Security Rule applies to health care providers that conduct certain electronic transactions, health plans and health care clearinghouses. The rule itself contains a series of specific standards that dictate the mandatory administrative, physical and technical controls that HIPAA-covered entities must have in place to ensure the security of protected health information. The rule covers matters ranging from workforce security and incident response to facility access controls and data encryption.
The meaningful use of electronic health records rule provides guidelines for hospitals and health care professionals seeking to make the most effective use of electronic medical records in their practices. While it is not mandatory, health care professionals and hospitals that choose to participate are eligible to receive financial subsidies from the federal government. These incentive payments may be as high as $44,000 through the Medicare program and $63,750 through the Medicaid program.
In addition to the two rules you asked about, health care professionals should also be familiar with the HIPAA Privacy Rule. This rule is far more complex than the Security Rule and contains very detailed requirements covering the manner in which covered entities handle protected health information.
It is very important to realize that these rules cover completely different topics. The Security and Privacy Rules are guidelines for the secure handling and sharing of protected health information. If you are a HIPAA-covered entity, you must comply with these rules by implementing technical, administrative and physical controls as well as sound privacy practices. The meaningful use rule, on the other hand, covers the effective use of electronic health records and does not overlap with the other rules. Furthermore, compliance with this rule is voluntary and allows practices to qualify for incentive payments from the government.