My Company Store 
l rss t f yt

   

HITECH Act - The Health Information Technology For Economic And Clinical Health Act

(Part of the American Recovery and Reinvestment Act of 2009)

What does it mean?

  • The Health Information Technology for Economic and Clinical Health Act (HITECH Act) extends certain HIPAA requirements, such as the administrative, physical and technical safeguard requirements for health information, to Business Associates
  • Requires Business Associates that are aware of a pattern of activity that constitutes a violation of HIPAA to take certain steps to cure the violation

Who is affected?

  • Any organization with access to protected health information (Covered Entities)
  • Business Associates of Covered Entities and certain third-party service providers
  • Vendors of Public Health Records

What is the impact? (penalties and fines)

  • Tiered-penalty structure based on the organization’s level of knowledge of the violation:
  • If entity did not know of violation, penalties of $100-$50,000 per violation
  • If violation is due to reasonable cause and not willful neglect, penalties of $1,000 - $50,000 per violation
  • If violation is due to willful neglect and failure is corrected within 30 days, penalties of $10,000 - $50,000 per violation
  • If violation is due to willful neglect and failure is not corrected within 30 days, penalties of at least $50,000 per violation
  • Additional enforcement authorized for State Attorney Generals

How to reach compliance?

  • Develop written privacy and security policies and procedures related to handling protected health information
  • In the event of a security breach, notify affected individuals and the Federal Trade Commission without unreasonable delay and within 60 calendar days

Contact Us and a Cintas Document Management expert will do a no-obligation evaluation of your facility's information management needs.