Tuesday, April 28, 2009

Tip of the Day: HHS guidance on HITECH amendments to HIPAA

Oh, just when you thought HIPAA couldn't get any more complicated, along comes HITECH (Health Information Technology for Economic and Clinical Health Act ), which amends notification procedures when a breach has occurred in protected health information.

The Health and Human Services Department recently released guidance on what counts as “unsecured” information -- if it is not secured through the application of a technology or methodology that renders it unusable, unreadable, or indecipherable to unauthorized individuals and that meets standards specified in guidance published by the government, according to law firm Ballard Spahr Andrews & Ingersoll.

Complying with a 60-day statutory deadline for issuing that guidance, HHS has published information and a request for comments on these technologies and methodologies. Read up, then let me know what steps you're taking to comply with the new normal on protected health info.

No comments: