Title XIII of the American Recovery and Reinvestment Act
of 2009, also known as the Health Information Technology for Economic
and Clinical Health Act (HITECH), includes many provisions that
significantly expand the scope, penalties, and compliance challenges of
the Health Insurance Portability and Accountability Act of 1996
(HIPAA). The two major components of HITECH are: 1) a
transition from recording and maintaing health information on paper
to electronic formats; and 2) changes to HIPAA that impose
significant new requirements on "covered entities" and their business
associates to notify patients, the federal government, and the media of
breaches of unsecured Protected Health Information (PHI).
Unsecured PHI is PHI that is not rendered unusable, unreadable, or
indecipherable to unauthorized individuals through the use of encryption
technologies or methods of physical destruction approved by the
Secretary of the Federal Department of Health and Human Services.
A breach is the acquisition, access, use, or disclosure of unsecured PHI
in a manner not permitted under the HIPAA privacy rule,
thus compromising the security or privacy of the PHI.
Learn from an expert the highlights of HITECH, how to
determine if a breach has occurred, and corrective strategies to ensure