Essay Example on HITECH Act Violations

The HITECH Act is a part of the ARRA, and the policy was developed to support the Electronic Health Record and other technology in the health sector in the United States (Kempfert & Reed, 2011). The act was signed into law in 2009 and was aimed at medical practitioners, including doctors, nurses, can share electronic health information of their patients between hospitals. The HITECH Act contains various privacy and security protections and offers guidelines of the steps that should be taken in case of violations of patients' rights. The HIPAA gives the consequences to be met if a patient's information is breached or violated when using electronic health records (Mennemeyer, Menachemi, Rahurkar, & Ford, 2016). The penalties issued by HIPAA can be up to $250,000, and in case violations are repeated or extended by a medical practitioner; the fines may be as high as $1.5 million. According to the HITECH Act, there are mandatory penalties for willful neglect.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The HITECH Act contains breach notification requirements once a patient's information is released without their consent. When such an incident happens, patient information is compromised, the HITECH Act requires that the former must be informed within the time required (Kempfert & Reed, 2011). If the breach affects more than five hundred patients, the patient, HHS, local media, and the state privacy officer must be notified for steps of resolving the breach to be taken. Individual notice to the patient must be provided immediately in less than sixty days following the discovery of the violation. Notification regarding the same should be presented to the media through a press release not later than sixty days after the occurrence. The secretary is notified through the HHS website, and a breaching report should be submitted electronically.

If a breach affects less than five hundred patients, there should be an individual notice and notice to the secretary (Mennemeyer et al., 2016). The notice to the secretary may be provided on an annual basis not later than sixty days after the end of the calendar year in which the breaching occurred. The individuals affected must also be presented with a written report not more than sixty days after breaching takes place.

One of the recommendations that may assist in mitigating potential violations of the HITECH Act is by offering more training to medical practitioners involved with electronic health records of patients. The staff should be trained and equipped with the information they need to handle electronic information properly. Secondly, health centers should hire personnel to prevent their computer systems from cyber-attacks. Cybercriminals may gain confidential information through phishing or using malware and ransomware.

References

Kempfert, A. E., & Reed, B. D. (2011). Health care reform in the United States: HITECH Act and HIPAA privacy, security, and enforcement issues. FDCC Quarterly, 61(3), 240.

Mennemeyer, S. T., Menachemi, N., Rahurkar, S., & Ford, E. W. (2016). Impact of the HITECH act on physicians' adoption of electronic health records. Journal of the American Medical Informatics Association, 23(2), 375-379.