The Health Information Technology for Economic and Clinical Health ("HITECH") Act, enacted as part of the American Recovery and Reinvestment Act of 2009, requires HIPAA covered entities and business associates to provide certain notifications in the event of a breach of PHI and increases the civil monetary penalties for HIPAA violations. For a summary of the breach notification and enforcement rules, please
click here.