All Any Exact Phrase
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) made significant changes to the HIPAA privacy and security rules, including imposing a new requirement that covered entities notify individuals when their “unsecure” protected health information ("PHI") is breached.
Generally, the HITECH Act requires that covered entities such as health plans notify individuals if their unsecure protected health information is breached. Covered entities, as well as business associates, must only provide the required notification if the breach involves unsecured protected health information. Unsecured protected health information is protected health information that has not been rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of certain technology or methodologies.