Economic Stimulus Package Ratchets up Privacy and Security for Health Information
By Rebecca L. Williams, Paul T. Smith, Jill H. Gordon, Gerry Hinkley, Allen E. Briskin, Rachel E. Dobrow Stone and Megan Vogel
The new economic stimulus package provides over $19 billion to support and promote the adoption of electronic health records (EHRs) for all Americans by 2014. With this added momentum comes concerns about the privacy and security of EHRs, particularly in the hands of health record exchanges, which are not directly regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The new legislation is loaded with requirements, new enforcement provisions and penalties for covered entities, business associates, vendors and others.
Congress passed the American Recovery and Reinvestment Act of 2009 (the Act) on Friday, Feb. 13, 2009, with almost unprecedented speed, and the President signed it into law on Feb. 17. The Act has grabbed the attention of the country - from inside the beltway to Main Street America. Title XIII of the Act is artfully entitled the Health Information Technology for Economic and Clinical Health (also referred to as HITECH) Act.
Most of the Act's provisions will take effect one year after enactment of the law (Feb. 17, 2010) although increased penalty provisions go into effect immediately. Other provisions require implementing regulations and will take two years or longer to take effect. Continue reading...
