HIPAA, ARRA/HITECH Act and Meaningful Use Compliance Resources

This section focuses on managing compliance with the HIPAA Security Rule, the specific subsection of HIPAA's Privacy Rule that governs the use and management of electronic protected health information (ePHI) by healthcare entities and their business associates. It also contains resources for understanding the new privacy and security requirements brought about with the passage of the American Recovery and Reinvestment (ARRA) Act and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Breach Notification Guidance under the HIPAA Omnibus Rule

Addressing Encryption of Data at Rest in the HIPAA Security Rule and EHR Incentive Program Stage 2 Core Measures (12/3/2012)

HHS HIPAA Security Series

Understanding HIPAA for Covered Entities

HIPAA Enforcement

HIPAA Security Guidance

Guide for Implementing the HIPAA Security Rule – NIST 800-66

NIST HIPAA Security Rule Toolkit

AMA HIPAA Resources


HIMSS Meaningful Use OneSource

P&S Toolkit for Small Provider Organizations – ARRA/HITECH section