HIPAA and HITECH Compliance

A Brief Overview of HIPAA & HITECH

The Health Insurance Portability and Accountability Act (HIPAA) was passed into US law in 1996 and then amended in 2000 to include a privacy rule. It was not until 2009, however, that the US Congress passed the Health Information Technology for Economic and Clinical Health (HITECH) Act providing much needed enforcement for patient privacy.

The HIPAA and HITECH Acts together include specific guidance on privacy, information security, and breach notification as it relates to Protected Health Information (PHI) and electronic PHI (ePHI). The HIPAA Privacy Rule specifies requirements for the appropriate use, disclosure of, and access to PHI and ePHI. The HIPAA Security Rule specifies the administrative, physical, and technical controls required to protect ePHI. The HITECH breach notification rule requires that covered entities must promptly notify the affected individuals in the event of a breach of patient information. An important aspect of the notification rule is that it specifies the use of encryption can provide safe harbor against breach notification.

The Covata Solution for HIPAA & HITECH Compliance

Covata helps HIPAA covered entities and any other organization responsible for the privacy of patient information understand where ePHI is stored so they can centrally encrypt and control access to it. These capabilities are especially important as clinicians increasingly share ePHI using technologies other than the Electronic Medical Records systems.

Features and Advantages

  • Locate ePHI in shared drives and web portals, in both data centers and clouds
  • Encrypt patient information in accordance with the NIST 800-111 guidance cited in the HITECH Act
  • Centrally manage authorized access to encrypted ePHI
  • Allow IT administrators to manage patient information without having to view it
  • Log access requests to aid incident response and provide proof of compliance with the HIPAA Security Rule

Resources & Products

HIPAA Whitepaper

Learn how Covata helps comply with HIPAA and HITECH.

Covata whitepapers

Check out our solution briefs for HIPAA and other common use cases.

Request a free trial

Sign up for a free trial of one or more Covata products.