Regulatory Compliance should be a by-product of good information security. Our experts know where the two should meet.

You are here

Services > Regulatory Compliance > HITECH Act Compliance

HITECH Act Compliance

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law on February 17, 2009. The HITECH Act is aimed at providing funds for the development of a nationwide health information technology infrastructure to providers that enhances electronic use and exchange of health information in a secure manner.

The HITECH Act expanded the reach of the Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy Rules and criminal penalties directly to business associates of covered entities and every entity that handles health information.

HITECH compliance  applies to covered entities, including hospitals, healthcare providers, health plans, business associates, vendors, Health Information Exchanges (HIEs), Regional Health Information Organizations (RHIOs), and Personal Health Records (PHRs).

To press the importance of improved fraud detection techniques, a new security breach notification requirement has been imposed on covered entities, business associates and other entities by the HITECH Act. To be in HITECH compliance, the legislation requires HIPAA regulated entities, business associates and other related entities to notify respective agencies e.g. HHS, FTC and individuals affected in the event of a security breach involving unprotected health information that has been compromised.

ERM can assist your organization to meet HITECH compliance requirements in the following ways:

  • Provide physical and logical security solutions for the control and security of health information assets by the development of a comprehensive security framework also including the utilization of the encryption technology and improved fraud detection techniques.
  • Assist in security breach investigations, by helping you trace the attack and preserve evidence in the process. Electronic fraud investigation and E-crime expert support is our forte, thanks to our advanced fraud detection techniques and expertise. ERM boasts of an exemplary past record in incident response support and security breach remediation.