Health Information Technology for Economic and Clinical Health (HITECH)

What is the HITECH Act and What Businesses are Impacted?

The Health Information Technology for Economic and Clinical Health (HITECH) Act was enacted as part of the American Recovery and Reinvestment Act of 2009. It is a federal regulation that addresses the privacy and meaningful use of health information technology as well as security associated with the electronic transmission of health information. This federal regulation is tied closely with the Health Insurance Portability and Accountability Act (HIPAA) regulations and impacts the same types of businesses.

What does HITECH Require for Federal Compliance?

The HITECH Act is a supplement to the HIPAA and covers many of the same requirements. Some of the key provisions require covered entities to:

  • Make notifications in the event of a breach.
  • Provide privacy provisions and penalties to business associates.
  • Restrict the disclosure and sales of certain health information.
  • Conduct periodic audits to ensure you and your business associates remain compliant.

Like HIPAA, HITECH regulations require periodic, third-party audits including physical security, technical controls, and administrative policies and procedures. Penalties for non-compliance may include fines and jail time. Learn more about the HITECH Act.

Dox Gets Your Organization HITECH Compliant

Dox is experienced in handling the requirements of HITECH as well as HIPAA. We have guided countless clients in the protection of their patient’s electronic protected health information (e-PHI) to ensure they are HITECH compliant. Through pen testing, audits, and other security assessments, Dox identifies possible weaknesses in your organization’s network, physical location, and policies and procedures. Our experts provide security solutions to address every security issue we discover. With Dox, you can feel confident your business will meet the guidelines for HITECH regulation compliance.

The Clock is Ticking on HITECH Regulation Compliance

Annual regulatory compliance is required for HITECH. If you need help conducting a security assessment or an independent third-party audit of your business to meet the requirements, please fill out the contact form below and we will reach out to you as soon as possible.







  • This field is for validation purposes and should be left unchanged.

Ensure your business is HITECH compliant with Dox!