The Impact of HIPAA and HITECH regulations on health care systems

The Impact of HIPAA and HITECH regulations on health care systems

The Impact of HIPAA and HITECH regulations on health care systems for the future with mention to state and federal differences

HIPAA was formed with an objective of securing information that is concerned with the healthcare of patients and how it is transmitted. It safeguards all information relating to a patient from electronic format to paper (Nahra, 2008). There existed more complications when the federal government found healthcare concealment soup pot instigated at the level of the state. The case was a proof of just how immense involvement can bring about confusion to the broth whose main objective is to safeguard the privacy and security formulated for the service of the people (Nahra, 2008). HIPAA main goals involved assuring the portability of health insurance, reduction of abuse and healthcare fraud, offer a guarantee to the privacy and security of information of healthcare and enforcing standards for information of healthcare (Nahra, 2008).

The American Act of 2009 concerning Reinvestment and Recovery, which governs the regulations of HITECH, has caused issues regarding the protection of health information. (Stark, 2010). Both electronic and paper records are affected by the HITECH regulations. The penalties attached to notification breach that only applies to PHI, which is not secured, have been increased and involves penalties of both criminals and civil group for violations of HIPAA to business associates (Stark, 2010). HITECH has additional advantages which are reimbursements for meaningful utilization of EMRs and the rights of patients accessing copies of EMRs.

There was confusion to whether a single, imposition by the state of federal ruling with many rulings would be utilized in punishing the people who broke the law. The research community was impacted from advancing with their different investigations by research limitations (Stark, 2010). The requirement was to find the potential for breaches in security and modern technology together with its moderation. The most controversy between state and levels of federal state is the exchange of health information administrations to find what data may and may not comprise of information collection, processing, and dissemination.

The procedure remains too slow like the passage of a drafted law via assembly that is covered in molasses during the Christmas break. The ongoing HIPAA model should be reflected in the upcoming concerns, as the states require (Stark, 2010). The scenario unluckily persists in supporting the scenario endured in the breaches of information of the Wild West. The data of patients and software systems remain highly susceptible to fraud, terrorism, and theft despite the state maintaining and encouraging a strict policy (Stark, 2010).

Define how the regulations will modify the implementation and ongoing use of software systems that maintain patient data

The atrocities which are associated with the protection of the details of a patient raises concerns. The likelihood of patients reacting by changing providers is likely. Research indicates that the possibility of such a scenario occurring is high (Stark, 2010). The effect will trickle down from the concerns of the patient to vital medical centres. The institutions avoid running the risk of losing patients. Therefore, hospitals make a consideration before acquiring Software and hardware. The initiative results to the escalation of the cost of utilizing certified EHR software that is able to meet HITECH’S criteria concerning interoperability (Stark, 2010).

Another approach is undertaken by embracing cloud-based systems. The starter fees are low because it is not easy to steal physical laptops and papers. As a result, the vendors are affected.


 Discuss the changes and impacts to software and hardware vendors

CCHIT software certificates have solutions formulated which are based on it, the solutions call for the incorporation of a third party which results to payment every month (Nahra, 2008). This would be carried out to deal with the misconduct of the staff’s carelessness, breaches by third parties, cyber attacks and theft. In the assessment of various risks and monies allocated to deal with such breaches, it will result in the slowing down of the progress in the pace of researching and developing innovation that is contributed by the vendors of software and hardware (Nahra, 2008). The scenario also causes an impact on the staff

Clarify the changes and impacts to infrastructure and organizational standards

There are standards set to which healthcare systems must follow. The elements should to obtain a complete locus that audits their employees’ services in order to make a genuine and reliable risk assessment. The settings are required to round on different open doors and possible breaches of security in dealing with them via appropriate solutions. When there are improvements and modifications carried out, there is a need for internal and external entities to carry out tests to identify the vulnerabilities (Nahra, 2008). A response plan should be formulated containing drills for dealing with a worst-case scenario, which would be a fabulous technique for upholding a situation of readiness (Nahra, 2008). Best Practices should be installed involving a timeline for affected patients along with keeping tabs on new breaching trends.



Nahra, K. J. (2008). HIPAA security enforcement is here. IEEE Security & Privacy6(6).

Stark, P. (2010). Congressional intent for the HITECH Act. The American journal of managed care16(12 Suppl HIT), SP24-8.

Place this order or similar order and get an amazing discount. USE Discount code “GWEXDDSRGCF10” for 10% discount