The federal government recently passed significant revisions to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. These revisions, called the HITECH Act, require both Covered Entities (health care providers that conduct transactions of protected health information (PHI) in electronic format) and Business Associates (entities that perform a function or provide a service involving the use of PHI) to report any breaches of unsecured PHI.
Depending on the severity of a breach, Covered Entities or Business Associates may be required to notify the individual whose PHI was leaked, the Secretary of the Department of Health and Human Services, and the media. In other words, there's a lot to know and for many health care industry service providers, parsing through the statute and rules to understand these notification requirements is a daunting and time-consuming task.
The attached HITECH Guide dissects the statute and rules and breaks the requirements down into language aimed at business owners and IT professionals. The Guide includes definition of a breach, breach notification requirements, and a recommended procedure in the event of a breach. Click here for your complimentary copy. You're welcome to share this Guide.
Firefox recommends the PDF Plugin for Mac OS X for viewing PDF documents in your browser.
We can also show you Legal Updates using the Google Viewer; however, you will need to be logged into Google Docs to view them.
Please choose one of the above to proceed!
LOADING PDF: If there are any problems, click here to download the file.