What is the HITECH Act?
Protecting the privacy of patient information is one of the top priorities of all healthcare providers and is specifically required by various state and federal laws. On February 17, 2009 the American Recovery and Reinvestment Act of 2009 (ARRA, sometimes referred to as “the stimulus”) included provisions making significant improvement in the privacy and security standards for health information was signed into law by the federal government (http://www.hpsafind.hrsa.gov). Included in this law is $19.2 Billion which is intended to be used to increase the use of Electronic Health Records (EHR) by physicians and hospitals; this portion of the bill is called, the Health Information Technology for Economic and Clinical Health Act, or HITECH Act (http://www.opencongress.org/bill/111-h1/show). The Act is directed towards protected health information that is not secured by a technology standard that renders protected health information unusable, unreadable or indecipherable to unauthorized individuals. Additionally, it addresses entities subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) that access, maintain, retain, modify, record, store, destroy, or otherwise hold, use, or disclose unsecured protected health information. The HITECH Act require patients be notified of any unauthorized acquisition, access, use or disclosure of their unsecured protected health information.
Why did the government pass this law?
The government firmly believes in the benefits of using electronic health records and is ready to invest federal resources to proliferate its use. Paper information increase the risk of unauthorized accessed due to human factor risks – leaving information on desk, leaving information on printer/fax, out where information can be viewed by cleaning people, dumpster incidents, and unlocked file cabinets/drawers and shared working areas. These are examples of...