Compliance Standards

When you’re sick and at the doctor’s office, you have to reveal a lot of personal information for the physician to properly treat you. Within your file contains your demographic information, your personal medical history, mental health, tests and lab results, insurance information, and more. All of this falls under a specific category called protected health information (PHI).

In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in order to protect patients’ PHI. Privacy and security weren’t the only topics covered in HIPAA. It also addressed health insurance prices and changes, encouraged the use of electronic health records (EHRs), and developed the groundwork for a national healthcare standard.

HIPAA was amended — rather, bolstered — in 2009, when Congress passed the HITECH Act. It addressed many of the problems arising from HIPAA and helped bring the framework into the 21st century. It also brought with it harsher penalties for HIPAA noncompliance. To avoid these fees, healthcare providers and their business associates must understand the HITECH Act penalties and enforcement.

From 1996 to 2009, U.S. healthcare organizations operated under a strict regulatory act known as HIPAA. HIPAA, or the Health Insurance Portability and Accountability Act, intended to protect patient health data, make health insurance affordable, and to simplify hospital administrative procedures. 

As the years progressed, loopholes arose, electronic systems (which were supposed to be incorporated) were ignored, and the U.S. healthcare infrastructure was in jeopardy of falling behind. Not to say that HIPAA was a failure, but after 13 years in operation, it was in desperate need of an update. In 2009, Congress passed the Health Information Technology for Economic and Clinical Health Act (HITECH) to give HIPAA the update it needed. HITECH closed loopholes and encouraged the adoption of electronic health records by enforcing stricter guidelines and increasingly high noncompliance fees.

Now, to avoid facing penalties, healthcare providers and subsidiary companies must be HITECH compliant. But what does that entail? Read ahead to find out.

When asked about the Obama administration’s efforts to reform the American healthcare system, most people will think of the Patient Protection and Affordable Care Act, also known as “Obamacare.” Many forget or fail to realize that a year prior to the ACA’s creation, Congress had already passed the largest healthcare reform measure in decades in the form of the Health Information Technology for Economic and Clinical Health Act (HITECH). 

One of the reasons why HITECH’s addition went mostly unnoticed and unremarked is that it was a subsection of President Obama’s American Recovery and Reinvestment Act of 2009. Few realized that this stimulus package introduced sweeping changes to the healthcare industry that had far-ranging impacts on the relationship between patients and providers, especially pertaining to healthcare provider treatment of private health information. 

Do you want to know what is HITECH in healthcare and how it protects your private information? Read on to find out.