The Health Information Technology for Economic and Clinical Health (HITECH) Act, which was enacted in 2009 and took full effect in February 2010, has added additional privacy and security safeguards to existing HIPAA regulations. The safeguards include new rules regarding, among other things, notifying patients of data breaches, marketing restrictions, the sale and disclosure of protected health information, and the use of electronic health records.