Protecting a patient’s privacy has always been important, but now it rises to a new critical level. The Health Information Technology for Economic and Clinical Health Act (“HITECH”) put the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules on steroids. Specifically, HITECH created financial incentives for healthcare providers to adopt and implement electronic health records, increased the penalties for breaches of HIPAA Privacy and Security rules and mandated the government to audit healthcare plans, clearinghouses, healthcare providers and business associates for compliance with HIPAA.
First, providers are eligible for financial incentives if they adopt, implement and “meaningfully use” electronic health records. In order to be deemed a “meaningful user”, the providers must attest to satisfaction of specific objectives and measures. The objectives are based upon five specific policy priorities; one of