Page:United States Statutes at Large Volume 123.djvu/247

 123STA T . 22 7PUBLIC LA W 111 –5—FE B. 17 , 2 0 0 9‘ ‘ Subti t leA—Prom otio n o fH e a lt hI nformation T e c hnolo gy ‘‘Sec .30 0 1 . O ffice of the N ational C oor d inator for Health Information Tech - nology. ‘‘Sec. 300 2 . HIT Policy Committee. ‘‘Sec. 3003. HIT Standard s Committee. ‘‘Sec. 300 4 . Process for ado p tion of endorsed recommendations adoption of ini- tial set of standards , implementation specifications, and certification criteria. ‘‘Sec. 300 5 . Application and use of adopted standards and implementation spec- ifications by F ederal agencies. ‘‘Sec. 300 6 . V oluntary application and use of adopted standards and implemen- tation specifications by pri v ate entities. ‘‘Sec. 300 7 . Federal health information technology. ‘‘Sec. 300 8 . Transitions. ‘‘Sec. 300 9 . M iscellaneous provisions. Sec. 13102. Technical amendment. P ART 2—A P P LIC ATI ON AN DUSE O F ADOPTED HEALT H INFOR M ATION TECHNOLO GY STANDARDS; R EPORTS Sec. 13111. Coordination of Federal activities w ith adopted standards and imple- mentation specifications. Sec. 13112. Application to private entities. Sec. 13113. Study and reports. Subtitle B —Testing of Health Information Technology Sec. 13201. National Institute for Standards and Technology testing. Sec. 13202. Research and development programs. Subtitle C— G rants and L oans Funding Sec. 13301. Grant, loan, and demonstration programs. ‘‘Subtitle B—Incentives for the Use of Health Information Technology ‘‘Sec. 3011. Immediate funding to strengthen the health information technology infrastructure. ‘‘Sec. 3012. Health information technology implementation assistance. ‘‘Sec. 3013. State grants to promote health information technology. ‘‘Sec. 3014. Competitive grants to States and Indian tribes for the development of loan programs to facilitate the widespread adoption of certified E HR technology. ‘‘Sec. 3015. D emonstration program to integrate information technology into clinical education. ‘‘Sec. 3016. Information technology professionals in health care. ‘‘Sec. 3017. General grant and loan provisions. ‘‘Sec. 3018. Authori z ation for appropriations. Subtitle D—Privacy Sec. 13400. Definitions. PART 1—IMPRO V ED PRIVACY PROVISIONS AND SEC U RITY PROVISIONS Sec. 13401. Application of security provisions and penalties to business associates of covered entities; annual guidance on security provisions. Sec. 13402. Notification in the case of breach. Sec. 13403. Education on health information privacy. Sec. 13404. Application of privacy provisions and penalties to business associates of covered entities. Sec. 13405. Restrictions on certain disclosures and sales of health information; ac- counting of certain protected health information disclosures; access to certain information in electronic format. Sec. 13406. Conditions on certain contacts as part of health care operations. Sec. 13407. Temporary breach notification re q uirement for vendors of personal health records and other non-HIPAA covered entities. Sec. 13408. Business associate contracts required for certain entities. Sec. 13409. Clarification of application of wrongful disclosures criminal penalties. Sec. 13410. Improved enforcement. Sec. 13411. Audits. PART 2—RELATIONSHIP TO OTHER LA W S; REGULATORY REFERENCES; EFFECTIVE DATE; REPORTS Sec. 13421. Relationship to other laws.