Health Information Technology for Economic and Clinical Health Act (HITECH)
STATUS: Signed into law February 17, 2009
FULL NAME: Health Information Technology for Economic and Clinical Health Act
TARGET: Doctors, hospitals and other medical services organizations, plus vendors of personal health records and other non-HIPAA covered entities.
FUNDING: $19.2 Billion
DESCRIPTION: Broadly intended to encourage the use of Electronic Health Records by medical businesses, this legislation also takes the scope and enforcement of HIPAA (Health Insurance Portability and Accountability Act of 1996) privacy protection to a new level. Penalties for violations can now include criminal prosecution.
DATA SECURITY FACTORS: Portions of HITECH specify standards for protecting private medical data and new penalties for lack of compliance. New guidance on technologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals has been established and is published in the Federal Register, 74 FR 19006, of April 27, 2009. If the entities subject to the regulations apply the technologies and methodologies specified in the guidance, they will not be required to provide the notifications required by the regulations in the event the information is breached. Among the scenarios specified in the Federal Rules and Regulations is destruction or purging of electronic media in accordance with methods specified in NIST Special Publication 800-88: Guidelines for Media Sanitization.
AGENCIES: Department of Health and Human Services (HHS) Office for Civil Rights (OCR), Federal Trade Commission (FTC)
ENFORCEMENT / PENALTIES: OCR is responsible for enforcing Privacy Rule standards and may conduct compliance reviews. Covered entities that fail to comply voluntarily with the Privacy Rule may be subject to civil penalties (fines). In addition, certain violations may be subject to criminal prosecution. Penalties will vary significantly depending on factors such as the date of the violation, whether the covered entity knew or should have known of the failure to comply, or whether the covered entity's failure to comply was due to willful neglect.
DOCUMENTATION: Title XIII in Division A, pages 112 through 165, and Title IV in Division B, pages 353 through 398, cover the HITECH portion of the Economic Recovery Act.