Corporate Compliance

TIP: HIPAA and HITECH facts you should know

Compliance Monitor, September 7, 2011

Game-changer. On February 17, 2009, President Obama signed into law the $787 billion American Recovery and Reinvestment Act that includes provisions for heightened enforcement of the Health Insurance Portability and Accountability Act (HIPAA) and stiffer penalties for privacy and security violations. Those provisions fall under the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Regulations due. Since HITECH was signed into law, the Office for Civil Rights (OCR) has issued regulations facilities must follow in order to uphold the law. Effective now are an interim final rule regarding breach notification and an interim final rule about government enforcement. Regulations pending as of press time include:


  • Breach notification final rule
  • Enforcement final rule
  • Modifications to the privacy and security final rule
  • Accounting of disclosures final rule (proposed rule published in the May 31 Federal Register)


Most Popular