HITECH & ARRA Information

Proposed EHNAC HITECH/ARRA Criteria

EHNAC has developed draft criteria reflecting new rules and regulations generated from the American Recovery and Reinvestment Act (ARRA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act signed into law by President Obama in February 2009. This legislation amends existing rules and regulations and provides new HIPAA standards to strengthen security and privacy protections. The HITECH Act contains privacy and security provisions applicable to covered entities and their third-party business associates. Perhaps most significantly, the new law increases the legal obligations of business associates and makes them directly subject to the requirements of HIPAA.

Because of this legislation, organizations that handle or manage PHI are subject to an expanded range of rules and regulations surrounding data privacy and security. Therefore EHNAC has taken the initiative to include key provisions of ARRA and HITECH and developed the draft criteria to enhance its requirements for all of its accreditation programs, where applicable.