Health Information Technology for Economic and Clinical Health Act
| Health Information Technology for Economic and Clinical Health Act | |
|---|---|
| Short Title | HITECH Act |
| Official Text | Health Information Technology for Economic and Clinical Health Act |
| Country/Jurisdiction | United States |
| State or Province | |
| Regulatory Bodies | United States Congress |
| Date Enacted | 2009/01/06 |
| Scope of the Law | Patients, Families, Individuals, Health Care Providers, HIT Policy Committee |
| Information | |
| Taxonomy | Exclusion, Insecurity |
| Strategies | |
Text of the law
‘‘SEC. 3001. OFFICE OF THE NATIONAL COORDINATOR FOR HEALTH INFORMATION TECHNOLOGY. Decisional Interference, Insecurity, Breach of Confidentiality, Interrogation
‘‘(b) PURPOSE.—The National Coordinator shall perform the
duties under subsection (c) in a manner consistent with the development of a nationwide health information technology infrastructure
that allows for the electronic use and exchange of information
and that—
‘‘(1) ensures that each patient’s health information is secure and protected, in accordance with applicable law;
‘‘(2) improves health care quality, reduces medical errors,
reduces health disparities, and advances the delivery of patient-centered medical care;
‘‘(3) reduces health care costs resulting from inefficiency, medical errors, inappropriate care, duplicative care, and incomplete information;
‘‘(4) provides appropriate information to help guide medical decisions at the time and place of care;
‘‘(5) ensures the inclusion of meaningful public input in such development of such infrastructure;
‘‘(6) improves the coordination of care and information among hospitals, laboratories, physician offices, and other entities through an effective infrastructure for the secure and authorized exchange of health care information;
‘‘(7) improves public health activities and facilitates the early identification and rapid response to public health threats and emergencies, including bioterror events and infectious disease outbreaks;
‘‘(8) facilitates health and clinical research and health care quality;
‘‘(9) promotes early detection, prevention, and management of chronic diseases;
‘‘(10) promotes a morre effective marketplace, greater competition, greater systems analysis, increased consumer choice, and improved outcomes in health care services; and
‘‘(11) improves efforts to reduce health disparities.
‘‘SEC. 3007. FEDERAL HEALTH INFORMATION TECHNOLOGY.
‘‘(a) IN GENERAL.—The National Coordinator shall support the development and routine updating of qualified electronic health record technology (as defined in section 3000) consistent with subsections (b) and (c) and make available such qualified electronic health record technology unless the Secretary determines through an assessment that the needs and demands of providers are being substantially and adequately met through the marketplace.
‘‘(b) CERTIFICATION.—In making such electronic health record technology publicly available, the National Coordinator shall ensure that the qualified electronic health record technology described in subsection (a) is certified under the program developed under section 3001(c)(3) to be in compliance with applicable standards adopted under section 3003(a).
‘‘(c) AUTHORIZATION TO CHARGE A NOMINAL FEE.—The National Coordinator may impose a nominal fee for the adoption by a health care provider of the health information technology system developed or approved under subsection (a) and (b). Such fee shall take into account the financial circumstances of smaller providers, low income providers, and providers located in rural or other medically underserved areas.
‘‘(d) RULE OF CONSTRUCTION.—Nothing in this section shall be construed to require that a private or government entity adopt or use the technology provided under this section.
‘‘SEC. 3011. IMMEDIATE FUNDING TO STRENGTHEN THE HEALTH INFORMATION TECHNOLOGY INFRASTRUCTURE.
‘‘(a) IN GENERAL.—The Secretary shall, using amounts appropriated under section 3018, invest in the infrastructure necessary to allow for and promote the electronic exchange and use of health information for each individual in the United States consistent with the goals outlined in the strategic plan developed by the National Coordinator (and as available) under section 3001. The Secretary shall invest funds through the different agencies with expertise in such goals, such as the Office of the National Coordinator for Health Information Technology, the Health Resources and Services Administration, the Agency for Healthcare Research and Quality, the Centers of Medicare & Medicaid Services, the Centers for Disease Control and Prevention, and the Indian Health Service to support the following:
‘‘(1) Health information technology architecture that will support the nationwide electronic exchange and use of health information in a secure, private, and accurate manner, including connecting health information exchanges, and which may include updating and implementing the infrastructure necessary within different agencies of the Department of Health and Human Services to support the electronic use and exchange of health information.
‘‘(2) Development and adoption of appropriate certified electronic health records for categories of health care providers not eligible for support under title XVIII or XIX of the Social Security Act for the adoption of such records.
‘‘(3) Training on and dissemination of information on best practices to integrate health information technology, including electronic health records, into a provider’s delivery of care, consistent with best practices learned from the Health Information Technology Research Center developed under section 3012(b), including community health centers receiving assistance under section 330, covered entities under section 340B, and providers participating in one or more of the programs under titles XVIII, XIX, and XXI of the Social Security Act (relating to Medicare, Medicaid, and the State Children’s Health Insurance Program).
‘‘(4) Infrastructure and tools for the promotion of telemedicine, including coordination among Federal agencies in the promotion of telemedicine.
‘‘(5) Promotion of the interoperability of clinical data repositories or registries.
‘‘(6) Promotion of technologies and best practices that enhance the protection of health information by all holders of individually identifiable health information.
‘‘(7) Improvement and expansion of the use of health information technology by public health departments.
‘‘(3) OBJECTIVE.—The objective of the regional centers is to enhance and promote the adoption of health information technology through—
‘‘(A) assistance with the implementation, effective use, upgrading, and ongoing maintenance of health information technology, including electronic health records, to healthcare providers nationwide;
‘‘(B) broad participation of individuals from industry, universities, and State governments;
‘‘(C) active dissemination of best practices and research on the implementation, effective use, upgrading, and ongoing maintenance of health information technology, including electronic health records, to health care providers in order to improve the quality of healthcare and protect the privacy and security of health information;
‘‘(D) participation, to the extent practicable, in health information exchanges;
‘‘(E) utilization, when appropriate, of the expertise and capability that exists in Federal agencies other than the Department; and
‘‘(F) integration of health information technology, including electronic health records, into the initial and ongoing training of health professionals and others in the healthcare industry that would be instrumental to improving the quality of healthcare through the smooth and accurate electronic use and exchange of health information.
SEC. 13402. NOTIFICATION IN THE CASE OF BREACH.
(a) IN GENERAL.—A covered entity that accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses unsecured protected health information (as defined in subsection (h)(1)) shall, in the case of a breach of such information that is discovered by the covered entity, notify each individual whose unsecured protected health information has been, or is reasonably believed by the covered entity to have been, accessed, acquired, or disclosed as a result of such breach.
(b) NOTIFICATION OF COVERED ENTITY BY BUSINESS ASSO- CIATE.—A business associate of a covered entity that accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses unsecured protected health information shall, following the discovery of a breach of such information, notify the covered entity of such breach. Such notice shall include the identification of each individual whose unsecured protected health information has been, or is reasonably believed by the business associate to have been, accessed, acquired, or disclosed during such breach.
(c) BREACHES TREATED AS DISCOVERED.—For purposes of this section, a breach shall be treated as discovered by a covered entity or by a business associate as of the first day on which such breach is known to such entity or associate, respectively, (including any person, other than the individual committing the breach, that is an employee, officer, or other agent of such entity or associate, respectively) or should reasonably have been known to such entity or associate (or person) to have occurred.
SEC. 13403. EDUCATION ON HEALTH INFORMATION PRIVACY.
(a) REGIONAL OFFICE PRIVACY ADVISORS.—Not later than 6 months after the date of the enactment of this Act, the Secretary shall designate an individual in each regional office of the Department of Health and Human Services to offer guidance and education to covered entities, business associates, and individuals on their rights and responsibilities related to Federal privacy and security requirements for protected health information.
(b) EDUCATION INITIATIVE ON USES OF HEALTH INFORMATION.—
Not later than 12 months after the date of the enactment of this Act, the Office for Civil Rights within the Department of Health and Human Services shall develop and maintain a multi-faceted national education initiative to enhance public transparency regarding the uses of protected health information, including programs to educate individuals about the potential uses of their protected health information, the effects of such uses, and the rights of individuals with respect to such uses. Such programs shall be conducted in a variety of languages and present information in a clear and understandable manner.
SEC. 13406. CONDITIONS ON CERTAIN CONTACTS AS PART OF HEALTH CARE OPERATIONS.
(b) OPPORTUNITY TO OPT OUT OF FUNDRAISING.—The Secretary shall by rule provide that any written fundraising communication that is a healthcare operation as defined under section 164.501 of title 45, Code of Federal Regulations, shall, in a clear and conspicuous manner, provide an opportunity for the recipient of the communications to elect not to receive any further such communication. When an individual elects not to receive any further such communication, such election shall be treated as a revocation of authorization under section 164.508 of title 45, Code of Federal Regulations.
Disclaimer: The text of this law may not be the most recent version. We make no warranties or representations about the accuracy, completeness, or adequacy of the information contained on this site. Please check official sources.