Not everybody is an instant Gus Gorman. "Genius" turned bad guy by rou...
HITECH and Meaningful Use
Health Information Technology for Economic and Clinical Health Act
Overview
The HITECH Act was enacted as part of the American Recovery and Reinvestment Act of 2009. It dictates additional privacy and security requirements over the transmission of electronic health information (EPHI) and extends requirements to business associates of covered entities.
The HITECH Act includes a number of new or enhanced requirements:
- Breach notification rules dictating timeliness and minimum requirements
- Audits and enforcement by the Department of Health and Human Services
- Protection of Electronic Health Records (EHR)
- Signed Business Associate Agreements on file with covered entities
Meaningful Use
Meaningful Use standards for security and privacy are required in compliance with the incentive programs, including Electronic Health Records (EHR) modules for the following:
- Access Control
- Emergency Access
- Automatic log-off
- Audit log
- Integrity
- Authentication
- General Encryption
- Encryption when exchanging electronic health information
- Account of disclosure (optional)
Click here to download our Meaningful Use Assessment overview (PDF)
References
- American Recovery and Reinvestment Act of 2009
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Health IT Government Meaningful Use
- National Institute of Standards and Technology test procedures for Meaningful Use
Industry
- Business Associates to Covered Entities
- Hospitals
- Medical Offices
- Health Insurance Providers
- Any Covered Entity
Thanks for the most informative and thorough assessment we have had!
Connect With Us
Keep up to date with changes in the world of Information Security and Computer Forensics.
