Thank you for the opportunity to help you with your question!
The new HITECH Act promises more rigorous enforcement of HIPPA (Health Insurance Portability and Accountability Act of 1996). The legislation includes mandatory penalties for “willful neglect.” Penalties can be expensive: as much as $250,000, with repeat or uncorrected violations carrying fees as high as $1.5 million. State attorneys general still will be responsible for bringing cause of action, but Health and Human Services is now legally bound to conduct audits of entities covered under the act as well as related business associates.
The Act requires practices to notify patients of any unsecured data breaches related to Protected Health Information (PHI). If a breach affects 500 or more patients, HHS must also be notified. Notification requirements are triggered whether the breach occurs internally or externally.
Electronic Health Record Access: The act requires patients and designated third parties to be given access to their PHI in an electronic format. This applies to providers who have implemented an EHR system.
Policing business associates: under the HITECH Act, business associates are now required to comply with the measures provided for in the HIPAA Security Rule
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) legislation was created in 2009 to stimulate the adoption of electronic health records (EHR) and supporting technology in the United States. President Obama signed HITECH into law on Feb. 17, 2009, as part of the American Recovery and Reinvestment Act of 2009 (ARRA) economic stimulus bill.
Please let me know if you need any clarification. I'm always happy to answer your questions.
Content will be erased after question is completed.