Which of the following is true about HITECH?

The correct choice highlights that the HITECH Act mandates that Protected Health Information (PHI) may not be transferred electronically without safeguards. This reflects the Act's emphasis on enhancing the security and privacy protections for electronic health records (EHRs). HITECH was established to promote the adoption of health information technology and to ensure that the confidentiality and security of health information are maintained when transferred electronically.

The HITECH Act set forth specific requirements for the protection of PHI, including necessitating that healthcare entities implement appropriate administrative, physical, and technical safeguards during electronic transmission. This is crucial in maintaining the integrity of patient information and protecting it from unauthorized access and breaches.

The other options do not accurately represent the provisions of HITECH. For example, unrestricted electronic transfer of PHI contradicts the integral safety measures that HITECH aims to promote. Additionally, HITECH does not eliminate the need for patient consent; rather, it reinforces the need for consent management in electronic communications of health information. Finally, HITECH applies to electronic health information rather than just physical records, as it was designed to address the digital transformation of healthcare records.