From now through early December, HIPAA.com is providing a run through of HIPAA transaction & code set, privacy, and security definitions, along with relevant HITECH Act definitions pertaining to breach notification, securing of protected health information, and electronic health record (EHR) standards development and adoption. These definitions are key to understanding the referenced HIPAA and HITECH Act enabling regulations that are effective now and that will require compliance by covered entities and business associates now or in the months ahead, as indicated in HIPAA.com’s timeline. Each posting will contain three definitions, with a date reference to the Federal Register, Code of Federal Regulations (CFR), or statute, as appropriate.
Exploring HIPAA and HITECH Act Definitions: Parts 11-15, include definitions from:
American Recovery and Reinvestment Act of 2009 (February 17, 2009, pp.258-259),
Health Information Technology for Economic and Clinical Health Act,
Title XIII—Health Information Technology,
Has the meaning given such term in section 164.501 of title 45, Code of Federal Regulations [CFR]:
“The provision, coordination, or management of health care and related services by one or more health care providers, including the coordination or management of health care by a health care provider with a third party; consultation between health care providers relating to a patient; or the referral of a patient for health care from one health care provider to another.”
Has the meaning given such term in section 160.103 of title 45, Code of Federal Regulations [CFR]:
“With respect to individually identifiable health information, the sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information.”
Vendor of Personal Health Records
An entity, other than a covered entity (as defined), that offers or maintains a personal health record.