HIPAA, HITECH and Economic Stimulus?

4 09 2009

One never knows these days whether legislation will contain items affecting your business and not staying informed can be costly.

The recent American Recovery and Reinvestment Act of 2009 not only addresses economic stimulus but contains powerful modifications to the HIPAA’s Privacy and Security Rules. These new regulations are known as the Health Information Technology for Economic and Clinical Health, or The HITECH Act.

From my initial research on this new legislation, the implications are far reaching for any business associated with health care organizations – think accountant, lawyer, pharmacy to name just a few. Under HITECH business partners must adhere to the same rules and regulations defined in HIPAA’s Privacy and Security rules as the healthcare organizations themselves and are subject to the same penalties. A simple example is email communication and document exchange. Exchanges between healthcare providers and their business partners containing protected health information (PHI), such as a prescription order sent by a doctor’s office to the pharmacy, must be secure and encrypted. When these new regulations become effective, communicating with business partners via standard email and FTP will not be sufficient.

How is your organization making plans to comply with the new rules?

Here are a few links I found useful for further reading:


Secure Communications is easy – right?

18 08 2009

IT and business users continue to put strains on the current infrastrutures for automation and communications.  The increasing use of mobile devices, available internet tools and the emergence of users using whatever it takes to get the job done is creating risk for organizations.  Here are 5 key things IT leaders need to understand.