BRENTWOOD, Tenn., April 10, 2013 /PRNewswire/ -- Ecteon, Inc. announces that it has achieved privacy and security certification in support of Business Associate requirements under the expanded Health Insurance Portability and Accountability Act of 1996 (HIPAA) as mandated by the HITECH provisions of the Affordable Care Act of 2010. The rules require health care providers to enter into formal business associate agreements with subcontractors who are exposed to providers' protected information. Those vendors, including Ecteon, must certify that they meet the HIPAA privacy and security requirements. Under HIPAA, vendors must perform periodic technical and nontechnical evaluations that establish the extent to which their security policies and procedures meet HIPAA requirements. Ecteon invested in formal employee training to enable the company to attain certified status. Richard Eckerstrom, CEO of Ecteon, said, "Since many of our customers are health care providers, we wanted to be able to assure them that their data is protected and secure to HIPAA standards, and our safeguards are HIPAA-compliant. Ecteon's certification as privacy and security experts establishes the company as a qualified vendor to health care providers." The Health Information Technology for Economic and Clinical Health Act (HITECH) extends HIPAA requirements to business associates. Health care providers must conduct due diligence when evaluating vendors who provide services related to protected health information. As business associates, vendors such as Ecteon must meet the same stringent privacy regulations as do the health care providers themselves. HIPAA requires health care providers implement appropriate technical, physical, and administrative safeguards to ensure the confidentiality, integrity, and availability of protected health information. Ecteon's customers can be confident that protected health information maintained in Ecteon systems will be well-protected and accurate, and that the company has in place appropriate policies and practices to meet evolving privacy and security requirements.