Information about HITECH HIPPA

HITECH Act Enforcement Interim Final Rule

HITECH means Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, was signed into law in 2009 to promote the adoption and meaningful use of health information technology. Subtitle D of the HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions which strengthen the civil and criminal HIPAA rules enforcement.

As reliance on information technology in the Healthcare Industry, and the adoption of electronic medical records (EMR) grows, ensuring the safe handling of sensitive data is becoming increasingly important. HIPAA Privacy and Security Rules define requirements for the appropriate use, and safeguarding of protected health information (PHI). Compliance with HITECH is essential. There are heavy fines for data breaches under HITECH.

The HIPAA Security Rule’s requirements are set out in three categories: Administrative , Physical and Technical Safeguards. Within the categories are 18 standards, and 36 implementation specifications, which are further categorized into “Required” and “Addressable”. Required ones are critical and must be implemented. Addressable ones are scalable, based on individual needs and practices. The Security Rule’s focus is on the safeguarding of electronic Protected Health Information (e-PHI), as set out by HITECH.

While the Security and Privacy Rule share the common goal of safeguarding Protected Health Information (PHI), the Privacy Rule applies to all media types: paper, oral, and electronic. The Privacy Rule requires organizations to consider the confidentiality, integrity, and availability of PHI. Procedures need to be in place, to address the use and disclosure of PHI, notice of privacy practices, and the minimum necessary approach to using PHI; HITECH sets out the details. Neglecting HITECH can disrupt your business.

If you would like more information regarding HITECH HIPAA, contact us today to discuss your requirements.

Complementary Services
Vulnerability Assessment
IT Risk Assessment
Social Engineering Testing and Training