HITECH

The US Department of Health and Human Services (HHS) presides overall healthcare and patient safety matters to “enhance the health and well-being of all Americans.” Extending this protection to patients’ health information, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) set baseline requirements for how hospitals and doctors process data. In 2009, HITECH compliance requirements expanded these protections to meet evolving threats of cybercrime. 

The Health Insurance Portability and Accountability Act of 1996, or HIPAA, has shaped how cybersecurity works in the healthcare industry for a quarter-century. In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH) changed how HIPAA works.

The Health Insurance Portability and Accountability Act of 1996, more commonly known as HIPAA, has had immense impacts on the domestic and global healthcare industry. Over a decade later, the US Department of Health and Human Services (HHS) expanded HIPAA’s protections with the publication of the Health Information Technology for Economic and Clinical Health Act (HITECH). But what are the HITECH safety measures? In other words, what do you need to do to fully secure your company and its stakeholders? Keep reading to find out.

The US Department of Health and Human Services (HHS) drafted the original Health Insurance Portability and Accountability Act (HIPAA) in 1996. HIPAA designated patients’ medical data as “protected health information” (PHI) and developed security standards to safeguard it. Later, the Health Information Technology for Economic and Clinical Health Act (HITECH) added several HITECH security standards to broaden these increasingly digital landscape protections.

Patients’ medical records are some of the most attractive targets for theft. The US Department of Health and Human Services (HHS) designated them as protected health information (PHI) in the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and laid out measures to ensure their safety. Later, the HITECH Act of 2009 updated these safeguards for the modern era. But what are the major components of the HITECH Act? Keep reading to learn more.

The HITECH Act (Health Information Technology for Economic and Clinical Health Act) was created to promote the need for health information technology as the use of EHRS (electronic health records) becomes the standard. It is part of an economic stimulus package – the American Recovery and Reinvestment Act – that was passed and signed into law in 2009. 

The Health Information Technology for Economic and Clinical Act (HITECH) focuses on the transition of paper healthcare files to electronic reports, making it easier for patients to access their records. The act also covers protected health information (PHI) by requiring healthcare organizations and their third-party associates to be HIPAA compliant. Prior to the HITECH Act healthcare organizations could avoid fines due to non-compliance but this has changed. Now, organizations and their third-party associates are required under the HITECH Act to meet all HIPAA compliance rules. 

The HITECH Act changed how patient health information is processed and stored. It encourages healthcare organizations to transition from paper to electronic files allowing patients to access their records in a secure online environment. It also affected HIPAA and how its rules are enforced. In short, the HITECH Act benefited patients by making it easier for them to access their records while improving and enforcing security protocols.