• Enhanced HIPAA Privacy and Security Provisions under the HITECH Act and its Interim Final Rule
  • October 16, 2009 | Author: Andrew B. Eills
  • Law Firm: Hinckley, Allen & Snyder LLP - Concord Office
  • While much of the media interest in the stimulus package enacted by Congress in January of this year and signed by the President in February focused on appropriations, the American Reinvestment and Recovery Act of 2009 ("ARRA") has amplified the Health Insurance Portability and Accountability Act ("HIPAA") privacy requirements for healthcare providers and business associates. ARRA includes the Health Information Technology for Economic and Clinical Health Act ("HITECH" or the "Act"). On August 24, 2009, the U.S. Department of Health and Human Services issued its Interim Final Rule ("IFR") implementing the requirements of the Act. Healthcare providers and their business associates now need to know the new duties and obligations that HITECH and the IFR impose. While some provisions of the IFR will become effective over time, many of the regulations are effective as of September 23, 2009.