The Advent of HITECH and Its Implications by eGestalt


More Info
									                                The Advent of HITECH and Its Implications

HITECH is a re-defined and stricter version of HIPAA, i.e. the Health Insurance Portability and Accountability Act,
established in 1996. Since the time of its inception,it is mandatory for every health organization/medical institution
to comply with it. Congress introduced this act to secure the health insurance rights of workers.

HIPAA and its concerns
The major issue with HIPAA compliance was its broad interpretation taken by numerous insurers and healthcare
providers. This led to an inconsistent adoption by the providers. People were not sure whether they were being
compliant or not, the requirements were not well defined and the enforcements less.

Emergence of HITECH and its implications
HITECH, i.e. Health Information Technology for Economic and Clinical Health Act, established in 2009 brought
relevant modifications to HIPAA. This act offers incentives for using electronic health records. It also expands the
scope of security and privacy available under HIPAA. Simultaneously, the penalty and legal liability for any kind of
non-compliance has been increased, enforcements and notification standards made rigid than before.

HITECH defines a security breach as an unsanctioned access, disclosure, use or acquisition of private health,
medical or patient data. It risks the secure health information privacy with an exception to a situation where an
unapproved access to an individual whom such information would not result in any kind of threat.

Therefore, as per this definition any security breach that reveals the confidential information of a patient would be
subjected to serious consequences. Strict penalties under HITECH will assist the justification of financing needed
for the security and compliance projects that otherwise might have been unnoticed under ambivalent
enforcement defined by HIPAA.

Being HITECH and HIPAA compliant
Complying with HIPAA and HITECH might appear to be time consuming and a cumbersome process. However,
today the compliance management solution providers have made this task easy. They offer users with solutions in
the cloud that need no investments on hardware or software and can be fast implemented without them fretting
over any back up requirements or technical assistance. It includes an in-built HIPAA and HITECH assistance that can
be easily expanded and updated automatically. The data gets stored in SaS 70 Type II secure data center and no
electronic patient data gets deleted from the client sites.

In addition to this, compliance management solution also provides the required compliance reports and risk
analysis. This is essential for representing the desired level of meaningful use for covered entities to get
reimbursements from the federal government.

Also read more on - vendor management, IT Compliance, it governance risk and compliance

To top