Information technology is a crucial, albeit costly endeavor for HIPAA-impacted organizations; in response, regulatory bodies have ramped up auditing and enforcement efforts in hopes of stifling the seemingly daily barrage of medical data breaches splashed across the headlines. For non-compliant organizations, the cost of non-compliance could include civil, criminal, and other penalties.

• An overview of HIPAA and the implications of ARRA and HITECH — two of its recent enactments
• What qualifies as protected health information (PHI)
• An IT methodology that makes HIPAA compliance an efficient, testable, repeatable, and auditable process

‍