On April 17, 2009, HHS issued guidance specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals, as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act passed as part of the American Recovery and Reinvestment Act of 2009. The guidance was developed through a joint effort by OCR, the Office of the National Coordinator for Health Information Technology, and CMS.
The guidance relates to two forthcoming breach notification regulations – one to be issued by HHS for covered entities and their business associates under HIPAA and one to be issued by the Federal Trade Commission for vendors of personal health records and other non-HIPAA covered entities. HITECH requires these regulations to be published within 180 days of enactment. If the entities subject to the regulations apply the technologies and methodologies specified in the guidance to secure information, they will not be required to provide the notifications required by the regulations in the event the information is breached. To view the guidance document click here.
1 week 4 days ago
39 weeks 1 day ago
40 weeks 2 days ago
50 weeks 3 days ago
1 year 6 weeks ago
1 year 11 weeks ago
1 year 48 weeks ago
2 years 8 weeks ago
2 years 21 weeks ago
2 years 31 weeks ago