This chapter reviews overlapping points of the rules, where and how they intersect, analyzes mutual dependencies.
It is extremely important for all organizations to realize that the Privacy Rule and The Security Rule are NOT mutually exclusive pieces of legislation, they are in fact dependent on each other.
Many organizations have treated the Privacy and Security Rules as independent and separate regulations. This has led to many organizations to make a decision to focus first on the Privacy Rule and then the Security Rule. While this is a logical approach when one considers the deadlines that have to be met i.e. The Privacy Rule has a deadline of April 14, 2003 and the Security Rule has a deadline of April 20, 2005, one should not loose sight of the fact that these two pieces of legislation are mutually dependent. In other words you cannot have privacy unless you have security.
In this chapter we will examine the some of the overlaps and the interdependencies between these two pieces of legislation