Overview
The laws: HIPAA & HITECH
Healthcare is a tricky field when it comes to development because there is an additional layer of concern beyond what is needed for the typical website: federal compliance.
You need to meet the regulations mandated both by HIPAA and by HITECH.
At the most basic level, HIPAA was passed in 1996 to allow people to continue coverage when leaving a job or in similar scenarios (portability) and to establish guidelines for healthcare organizations on safeguarding protected health information, or PHI (accountability).
HITECH, contained within the American Recovery and Reinvestment Act of 2009 (ARRA), updated some of the HIPAA stipulations and stimulated (through incentives) the adoption of electronic records.
HITECH is the basis of the HIPAA Final Rule [2], otherwise known as the HIPAA Omnibus Rule [3] or the HIPAA Omnibus Final Rule [4]. The standard, which went into effect in 2013, expanded direct responsibility under the law to third parties that handle PHI on behalf of healthcare organizations.