The federal government recently passed significant revisions to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. These revisions, called the HITECH Act, require both Covered Entities (health care providers that conduct transactions of protected health information (PHI) in electronic format) and Business Associates (entities that perform a function or provide a service involving the use of PHI) to report any breaches of unsecured PHI.
Depending on the severity of a breach, Covered Entities or Business Associates may be required to notify the individual whose PHI was leaked, the Secretary of the Department of Health and Human Services, and the media. In other words, there’s a lot to know and for many health care industry service providers, parsing through the statute and rules to understand these notification requirements is a daunting and time-consuming task.
The HITECH Guide dissects the statute and rules and breaks the requirements down into language aimed at business owners and IT professionals. The Guide includes definition of a breach, breach notification requirements, and a recommended procedure in the event of a breach.
Source: Scott & Scott LLP
Related Posts
Standard Process Inc. mourns loss of company matriarch Sylvia DuBois- Are you prepared? ICD-10 is coming soon
- Northwestern Health Sciences University names Chris Cassirer president
- International Conference on Chiropractic Research: Last call for papers
- Help codes
- Improve your immune system with diet, augmented by chiropractic care
