Definition: The HITECH Act is a set of healthcare laws and regulations related to healthcare information that was signed into law in 2009. The provisions of the law center upon creating new healthcare information standards, increased federal spending related to private healthcare information, support for converting systems to one that is electronically based and funds that support the idea of federal control over the exchange of healthcare information. An organization's information security plan should address these requirements.
Its Relevance: Covered entities must disclose information breaches in a manner specified by the federal government. Specific security responsibilities and audit trails are required and restrictions on how healthcare information can be used are imposed. The new law reportedly increases penalties for violations and provides stronger enforcement provisions. Any covered entity needs to be fully aware of the new law’s implications.