FileShred has the expert knowledge, experience and resources to make your compliance with the destruction of protected health information easy.
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) was signed into law in 2009, but was not fully incorporated into practice until 2014. This act strengthens HIPAA regulation. It states that HIPAA covered entities must provide notification in the case of breaches of “unsecured Protected Health Information” (PHI). This regulation also requires covered entities to insure that their vendors also known as business associates fully comply with HIPAA HITECH provisions.
The legislation makes business associates directly responsible to HIPAA’s privacy and security requirements as well as the penalties for violating those requirements. The HITECH Law also requires that in the event of a data breach business associates are required to notify the covered entity that they are servicing.
The federal government has given all state Attorney General’s offices the authority to enforce HIPAA, with a penalty structure with fine amounts ranging from $25,000 to as much as $1.5 million for each individual violation.