CSO Blog has a short explanation of the HITECH Act and its implications for Healthcare providers and 3rd party partners.  The author also outlines some steps you can take to lower the risk of a data breach.  These include taking an inventory of all Protected Health Information (PHI) and using encryption on all storage devices.