Monday, August 16, 2010

HIPAA HITECH - E-Discovery and the Healthcare Industry

This week, I'd like to talk about HIPAA HITECH.


What is HIPAA HITECH?


Well, HIPAA is a 1996 federal law on health insurance, and it stands for:


Health
Insurance
Portability and
Accountability
Act


In 2009, HIPPA was amened to add the HITECH Act. This, in turn, stands for:


Health
Information
Technology for
Economic and
Clinical
Health
Act


It's the 'Information Technology' of HITECH that hints at the law's purpose. According to the U.S. Department of Health and Human Services (HHS), HITECH is intended "to promote the adoption and meaningful use of health information technology." HITECH covers security and privacy issues when a person's health information is transmitted electronically.


HIPAA HITECH brings the world of electronic discovery to the world of health care in the form of "electronic health records" and how these records are handled.


HIPAA HITECH is complicated, and has many aspects. I'd like to touch on just a few, this week:

  • The law extended privacy protections to 'business associates' of 'covered entities'. Basically, health information has to be kept private not only by health care providers, but also by their business associates.
  • The law also has new breach notification requirements. If health information is released to the outside world, notification must be made, as per new regulations of HHS (which were required under the new law).
  • Another significant change in the law includes new rules on how to account for disclosures of a person's health information.

These changes are just a few of the changes under HIPAA HITECH (although they are some of the more significant ones). In the months to come, I plan to discuss more, and more detailed, aspects of HIPAA HITECH.