What is HITECH and, How Does it Relate to HIPAA Compliance?

HITECH regulations featured

HIPAA is a detailed and comprehensive set of regulations governing IT systems and data handling in the healthcare industry. As times change, so too has the language of HIPAA evolved to address those changes. One of these updates is the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. This law modernized HIPAA and directed entities in healthcare to adopt more modern, digital record keeping and security technologies. 

Here, we’ll cover some of the basics of HITECH and what it changed in the language of HIPAA. 

 

Read More

Ransomware and HIPAA Compliance in 2021

ransomware featured

July 5th saw a major attack on Managed Service Providers (MSPs), including Kaseya services. MSPs like Kesaya often offer their cloud-based services to several clients in multiple sectors, and Kesaya is no exception. In fact, Kesaya offers specific managed IT resources for healthcare clients, although no information has been released about any affected organizations. 

The combination of increased reliance on MSPs and the sensitive nature of healthcare providers make ransomware attacks a real threat, one that your dedicated IT team must consider as part of your cybersecurity and compliance strategy. 

 

Read More

The 2021 Guide to HIPAA Compliance

HIPAA compliance featured

Table of Contents

  1. What is HIPAA?
  2. HIPAA Compliance Terminology
  3. What Are the Three Rules of HIPAA Compliance?
  4. What Is the HIPAA Privacy Rule?
  5. What Is the HIPAA Security Rule?
  6. What Is the HIPAA Breach Notification Rule?
  7. What Is the HITECH Act?
  8. What Is the Omnibus Rule?
  9. What Does HIPAA Compliance Entail?
  10. What Are the Penalties for Not Meeting HIPAA Compliance?
  11. What Can I Do to Ensure That My Organization is HIPAA Compliant?


What is HIPAA?

HIPAA is the Health Insurance Portability and Accountability Act signed into law by President Bill Clinton in 1996. HIPAA was put into place to protect patient data from theft or loss. 

Why is this important? Private Health Information (PHI) is considered some of the most sensitive data that a person can have. It was determined that it was critical to protect PHI for patients and that this responsibility fell on healthcare providers who used that information for treatment, research, or billing purposes. 

With the emergence of electronic PHI (ePHI) and digital technologies like networked communication and electronic recordkeeping, HIPAA became that much more important. HIPAA was therefore conceptualized to protect ePHI no matter where it is. 

Read More