HHS Releases HITECH Breach Notification Guidance | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HHS Releases HITECH Breach Notification Guidance

April 20, 2009
by root
| Reprints

The U.S. Department of Health and Human Services (HHS, Washington) has outlined guidance in the technologies and methodologies regarding protected health information as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act, passed as part of American Recovery and Reinvestment Act of 2009. The guidance was developed, according to HHS, by through a joint effort by the HHS Office for Civil Rights, Office of the National Coordinator for Health Information Technology, and Centers for Medicare and Medicaid Services.

The outline relates to two forthcoming breach notification regulations — one from HHS under the Health Insurance Portability and Accountability Act, and the other from the Federal Trade Commission for vendors of personal health records and other non-HIPAA covered entities, says HHS. HITECH requires these regulations to be published within 180 days of enactment. If the entities subject to the regulations apply the technologies and methodologies specified in the guidance to secure information, they will not be required to provide the notifications required by the regulations in the event the information is breached, says the organization.

In addition to this guidance, HHS has also issued a request for information soliciting public comment on the breach notification provisions of the HITECH Act to inform future rulemaking and updates to the guidance. The guidance and request for information are available online. Once published in the Federal Register, both will be available for public comment.

Topics

News

Community Data Sharing: Eight Recommendations From San Diego

A learning guide focuses on San Diego’s experience in building a community health information exchange and the realities of embarking on a broad community collaboration to achieve better data sharing.

HealthlinkNY’s Galanis to Step Down as CEO

Christina Galanis, who has served as president and CEO of HealthlinkNY for the past 13 years, will leave her position at the end of the year.

Email-Related Cyber Attacks a Top Concern for Providers

U.S. healthcare providers overwhelmingly rank email as the top source of a potential data breach, according to new research from email and data security company Mimecast and conducted by HIMSS Analytics.

Former Health IT Head in San Diego County Charged with Defrauding Provider out of $800K

The ex-health IT director at North County Health Services, a San Diego County-based healthcare service provider, has been charged with spearheading fraudulent operations that cost the organization $800,000.

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.