What is the Health Information Technology for Economic and Clinical Health (HITECH) Act?
This Act directs the FTC to issue a rule requiring entities that obtain consumers’ personal information but are not subject to the Health Insurance Portability & Accountability Act (“HIPAA”) (Pub. L. No. 104-191, 110 Stat. 1936 (1996)), such as many vendors of personal health records and third party service providers, to notify affected individuals and the FTC (which notifies the Secretary of Health and Human Services) in the event of a data breach or inadvertent disclosure of unsecured identifiable health information in personal health records. The Act also directs the Secretary of Health and Human Services, consulting with the FTC, to complete a study and report on privacy and security requirements for such entities.
For more information, see here: https://www.ftc.gov/legal-library/browse/statutes/health-information-technology-hitech-provisions-american-recovery-reinvestment-act-2009-title-xiii
AND
https://www.healthit.gov/sites/default/files/hitech_act_excerpt_from_arra_with_index.pdf
AND
https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html
These materials were obtained directly from the Federal Government public websites and are posted here for your review and reference only. No Claim to Original U.S. Government Works. This may not be the most recent version. The U.S. Government may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.