The Health Information Technology for Economic and Clinical Health Act, abbreviated the HITECH Act, was enacted under Title XIII of the American Recovery and Reinvestment Act of 2009.

This issuance establishes policy, assigns responsibilities, and prescribes procedures for CUI throughout the DOD in accordance with Executive Order (E.O.) 13556; Part 2002 of Title 32, Code of Federal Regulations (CFR); and Defense Federal Acquisition Regulation Supplement (DFARS) Sections 252.204-7008 and 252.204-7012. It also establishes the ...

This issuance, in accordance with the authority in DOD Directive 5124.02, establishes policy and assigns responsibilities for DOD compliance with federal law governing health information privacy and breach of privacy; integrating health information privacy and breach compliance with general information privacy and security requirements in accordance ...

This instruction establishes policy and assigns responsibilities for security of individually identifiable health information created, received, maintained, or transmitted in electronic form (referred to in this instruction as “electronic protected health information (ePHI)”).

This Memorandum outlines the framework within which Federal agencies must develop a breach notification policy while ensuring proper safeguards are in place to protect the information.

This Memorandum provides recommendations for planning and responding to data breaches which could result in identity theft.

This Memorandum addresses the efforts to properly safeguard information assets while using information technology by incorporating a checklist from the National Institute of Standards and Technology (NIST) for protection of remote information.

This Memorandum reemphasizes responsibilities under law and policy to appropriately safeguard sensitive personally identifiable information (PII) and train employees on responsibilities in this area.