On April 17, 2009, HHS issued guidance specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals, as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act passed as part of the American Recovery and Reinvestment Act of 2009. The guidance was developed through a joint effort by OCR, the Office of the National Coordinator for Health Information Technology, and CMS.
The guidance relates to two forthcoming breach notification regulations – one to be issued by HHS for covered entities and their business associates under HIPAA and one to be issued by the Federal Trade Commission for vendors of personal health records and other non-HIPAA covered entities. HITECH requires these regulations to be published within 180 days of enactment. If the entities subject to the regulations apply the technologies and methodologies specified in the guidance to secure information, they will not be required to provide the notifications required by the regulations in the event the information is breached. To view the guidance document click here.
27 weeks 4 days ago
1 year 1 week ago
1 year 10 weeks ago
1 year 13 weeks ago
1 year 19 weeks ago
1 year 30 weeks ago
1 year 33 weeks ago
1 year 36 weeks ago
1 year 39 weeks ago