About HIPAA : HITECH ACT

HITECH ACT

As part of the American Recovery and Reinvestment Act of 2009, the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law in order to promote the adoption and meaningful use of health information technology (HIT). By investing in HIT the HITECH Act seeks to improve patient care and reduce health costs. It also includes incentive programs administered by the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator of Health Information Technology (ONC).  The programs are available to eligible providers and eligible hospitals that “meaningfully use” certified electronic health record technology (CEHRT) and meet certain thresholds. The provider must also submit information on the quality of care to the Secretary of Health & Human Services (HHS). 

Meaningful use is established when using CEHRT to:

  • Improve quality, safety, efficiency and reduce health discrepancies
  • Engage patients and family
  • Improve in public health and care coordination
  • Maintain the security and privacy of health information

Compliance in meaningful use will result in:

  • Better clinical outcomes
  • Improved outcomes of population health
  • An increase in transparency and efficiency
  • Individuals being empowered
  • Better research data on health systems

Meaningful use criteria and objectives will evolve during a five year span.  Stage 1 includes data capture and sharing.  Stage 2 will advance clinical processes.  Stage 3 focuses on the improvement of outcomes.

The HITECH Act accomplishes four major goals through the use of HIT by:

  • Developing standards that allow nationwide electronic exchange and use of health information.
  • Investing in HIT infrastructure, Medicare and Medicaid incentives in order to encourage doctors and hospitals to use HIT to electronically exchange patient’s health information.
  • Saving the government billions through improvements in quality of care, care coordination, medical errors and duplicate care.
  • Strengthening privacy and security law to protect identifiable health information.

The HITECH Act strengthens the enforcement of the HIPAA rules, addressing the concerns associated with the electronic transmission of health information through:

  • Breach notifications being required for individuals if an unauthorized disclosure or use of their health information occurs.
  • Entities that do work on behalf of providers and insurers are now subject to the same privacy and security rules as the providers and health insurers themselves.
  • Patients being able to request disclosures of their health information.
  • Patients must grant authorization in order for their health information to be used in marketing and fundraising activities.
  • Increased penalties for privacy and security law violations and provides more resources for enforcement and oversight activities.

Sources