Written and medically reviewed by Dorcas Morak, Pharm.DThe Health Information Technology for Economic and Clinical Health Act of 2009, known as the HITECH Act, is part of the America Recovery and Reinvestment Act (ARRA) signed into law by President Barack Obama. It provides financial incentives for the widespread transitioning of healthcare providers from paper to electronic record keeping.
What are the goals of the HITECH Act?
The five goals of the HITECH Act are as follows:
- to enhance the effectiveness, safety, and quality of healthcare
- to get patients involved in their care
- to improve care coordination
- to improve the general public's state of health
- to guarantee the confidentiality and privacy of patient information
How has HITECH worked to achieve its goals?
The HITECH Act uses the following to accomplish its goals:
- enables patients to take proactive steps concerning their health
- encourages widespread transition of health records from paper to electronic
- accelerates expansion of health information exchanges
- closes a privacy and security loophole of the Health Information Portability and Accountability Act of 1996
Why is the HITECH Act important?
Before the implementation of the HITECH Act, less than 20% of healthcare providers used EHRs (Electronic Health Records). Though many medical providers sought to embrace EHRs, the cost was prohibitive. But in 2017, after the implementation of the HITECH Act, more than 80% of them successfully implemented EHRs. Additionally, the HITECH Act has strengthened the privacy and security of protected health information by ensuring healthcare organizations and their business associates comply with HIPAA Privacy and Security Rules.
What is the difference between HIPAA and HITECH?
HIPAA focuses on the privacy and security of protected health information (PHI) in the context of healthcare and the medical profession. HITECH paved the way for medical professionals to safely switch from paper to electronic health records. The HITECH act of 2009 also resolves some HIPAA act of 1996 loopholes, broadens and strengthens the enforcement of HIPAA standards, and increases the penalties for HIPAA violations.
Key elements of the HITECH Act:
Business Associate HIPAA Compliance: Under HITECH there is strict enforcement of penalties on business associates that violate HIPAA rules. This drives compliance with HIPAA standards.
Willful neglect penalties: These penalties now range from $25,000 per violation to a maximum of $1.5 million per annum. Fines can be increased or include imprisonment (up to 10 years) for excessive negligence. The huge penalties force medical providers to comply with HIPAA rules as it is more cost-effective to implement a secure system than to pay fines due to neglect.
The Breach Notification Rule: HITECH requires medical providers to inform clients of any data breach and prove they are taking action to mitigate it within 60 days. If 500 or more patients are involved, the federal government and prominent media outlets in the jurisdiction must be informed.
Meaningful use: Under HITECH, medical providers must demonstrate meaningful use of EHRs to receive meaningful use incentive payments. Those who fail to exhibit meaningful use of certified EHRs receive fewer Medicare and Medicaid fees.
Does rxless protect my privacy?