Since it passed in 2009, the HITECH (Health Information Technology for Economic and Clinical Health) Act was meant to enforce certain rules within the HIPAA Omnibus Rule. It’s important that those in healthcare IT understand the relationship between the two.
THE IMPACT OF THE HITECH ACT
The HITECH Act’s stated aim was to improve the on-boarding and meaningful use of HIT. In doing so, the HITECH Act also affected the standards Health and Human Services (HHS) used to evaluate hospitals and expanded the scope of jurisdiction. It also bolstered the HHS OCR’s (Office for Civil Rights) tools of enforcement. Georgina Verdugo, director of the OCR, said that added vigilance would help convince consumers of the privacy and security of their health information and protected personal information (PPI).
WHERE HIPAA AND HITECH MEET
By broadening the scope of HIPAA, the HITECH Act increased the number of participating stakeholders or business associates. Previously, HIPAA described a business associate as a person performing functions or activities for or on the behalf of a covered entity.
HITECH changed HIPAA’s definition of business associates to include:
*Health Information Organizations (HIO)
*Patient Safety Organizations (PSO)
*Gateways, portals, and e-prescribers
*Certain people providing PPI on behalf of another covered entity
*People involved in data transmission including subcontractors and delegates
HITECH also created new categories of HIPAA penalties. This was meant to distinguish violations based on nature, extent, and the harm caused to patients. Currently, there are three categories which correspond with three civil penalties outlined in the HITECH Interim Final Rule.
HIPAA-HITECH FURTHER CONNECTED
There are, of course, other areas where HIPAA and HITECH overlap. They are both sweeping and exhaustive legislation that often cover similar areas, especially where electronic medical records, are concerned. This includes meaningful use and PHI. HITECH incentivizes the meaningful use of electronic medical records in order to improve health care and outcomes. Other areas covered in both HIPAA and HITECH are breech reporting requirements, patient access to PHI, and facilitation of medical research.
If your practice wishes to learn more about HIPAA, HITECH, meaningful use, healthcare reform, and regulatory compliance, visit us at https://ehr1.com/.
CLICK HERE TO CONTACT US TODAY!