ARRA’s HITECH Privacy Provisions Apply HIPAA Security Rule to Business Associates

President Obama signed into law the American Recovery and Reinvestment Act of 2009 (ARRA) on Tuesday, February 17, 2009. The Health Information Technology for Economic and Clinical Health Act (HITECH) provisions of ARRA in Title XIII include important changes in Privacy (Subtitle D). Our focus in this posting is the change related to business associates under HIPAA Administrative Simplification that is specified in Section 13401: Application of Security Provisions and Penalties to Business Associates of Covered Entities. In this section, administrative, physical, and technical safeguards, and policy, procedure, and documentation requirements of the HIPAA Administrative Simplification Security Rule “shall apply to a business associate of a covered entity in the…


American Recovery and Reinvestment Act of 2009

ONE HUNDRED ELEVENTH CONGRESS of the UNITED STATES of AMERICA American Recovery and Reinvestment Act of 2009 Making supplemental appropriations for job preservation and creation, infrastructure investment, energy efficiency and science, assistance to the unemployed, and State and local fiscal stabilization, for the fiscal year ending September 30, 2009, and for other purposes. AGENCY: 111th US Congress. ACTION: Act. Download (Requires Acrobat Reader)

President Obama to Sign ARRA’s HITECH provisions Tuesday, February 17, 2009, in Denver, CO

The Senate joined the House on Friday evening, February 13, 2009, in passing the American Recovery and Reinvestment Act, which includes provisions relating to Health Information Technology. Title XIII of Division A and Title IV of Division B together are known as the “Health Information Technology for Economic and Clinical Health Act” or the “HITECH Act.”  We will be highlighting attributes of the HITECH Act through the end of February. Contrary to the political blather, this legislation is a significant step forward in providing funding and incentives to accelerate adoption of standardized and interoperable electronic business and clinical technologies in healthcare and in strengthening privacy safeguards for patients’ protected health…