From now through December, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification, securing of protected health information, and electronic health record (EHR) standards development and adoption. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register, Code of Federal Regulations (CFR), or statute, as appropriate.
Exploring HIPAA and HITECH Act Definitions: Parts 11-15, include definitions from:
American Recovery and Reinvestment Act of 2009 (February 17, 2009, pp.258-259),
Health Information Technology for Economic and Clinical Health Act,
Title XIII—Health Information Technology,
Subtitle D—Privacy,
Section 13400—Definitions.
Secretary
Secretary of [U.S. Department of] Health and Human Services.
Security
Has the meaning given such term in section 164.304 of title 45, Code of Federal Regulations [CFR].
“Security or Security measures encompass all of the administrative, physical, and technical safeguards in an information system.”
State
Each of the several States, the District of Columbia, Puerto Rico, the Virgin Islands, Guam, American Samoa, and the Northern Mariana Islands.