The Health Information Technology for Economic and Clinical Health Act (HITECH Act or "The Act") is part of the American Recovery and Reinvestment Act of 2009. Under the HITECH Act, business associates are now directly "on the compliance hook;" they are required to comply with the safeguards contained in the Security Rule (SR).
“Application of Section 164.310 shall apply to a business associate of a covered entity in the same manner that such sections apply to the covered entity. Penalties for willful neglect can extend up to $250,000, with repeat/uncorrected violations extending up to $1.5 million.” -HITECH Act Sec. 13401. Application of Security Provisions and Penalties to Business Associates of Covered Entities; Annual Guidance on Security Provisions.
We can help ensure your compliance. Call 1-800-225-7554 or complete the form on the right to get a copy of the HITECH/The Act.