Healthcare IT organizations who may be subject to regulation under HIPAA and HITECH must assess their current status as a Covered Entity or a Business Associate as defined by the Privacy and Security Rules.
To learn about HIPAA compliance, there are a few key places on the web you should turn to.
The actual regulatory code is found in the electronic federal code of regulations. Go to the link below, select “Title 45″ from the drop-down menu, click the “Go” button, choose “1-199″ from the links displaying, and then you’ll be able to find the HIPAA rules at the bottom of the page in Subchapter C.
To help make practical sense of this regulatory code, HHS has guidance on their site at the link below:
http://www.hhs.gov/ocr/privacy/index.html
Feel free to contact us at contact@moserhaus.com if you would like us to point you to guidance on whether your own organization may be subject to HIPAA/HITECH regulation.