Business Associates

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
News & Analysis as of

Charges for Medical Records: Are You Compliant with HIPAA?

Through a series of releases in the first half of 2016, HHS Office for Civil Rights (“OCR”) issued guidance on the individual right of access to protected health information (“PHI”) provided under HIPAA. One topic with...more

HIPAA Enforcement on the Rise

After a number of years of little HIPAA enforcement activity, the tides appear to be turning. From September 2015 through April 2016, HIPAA settlements have averaged more than one a month. The dollar amounts involved are...more

OCR Warns of HIPAA Risks in Third-Party Apps

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more

HHS Issues HIPAA Guidance for Mobile Health Apps

The U.S. Department of Health and Human Services (HHS) recently issued guidance to help mobile application developers analyze whether the Health Insurance Portability and Accountability Act of 1996 (HIPAA) may apply to them....more

HIPAA Heats Up

Despite the issuance of the Omnibus Final Rule in 2013, HIPAA enforcement activity has remained relatively light—until recently. Indeed, compared to just a few settlements a year for the first decade that HIPAA was in force,...more

Burr Alert: Phase 2 HIPAA Audits

In an effort to review and examine compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), the Department of Health and Human Services Office for Civil...more

HHS Releases HIPAA Privacy and Security Audit Guidelines as it Starts its Second Round of Audits and Continues Enforcement Efforts

During April 2016 the Department of Health and Human Services (“HHS”) posted lengthy audit guidelines for HIPAA Privacy and Security on its website (over 400 pages). As HHS starts its audits of health care providers, health...more

Health Care E-Note - May 2016

On April 6, 2016 the Department of Labor's Employee Benefits Security Administration ("EBSA") issued its long awaited final rule redefining a fiduciary investment advisor (also known as the "conflict of interest rule"),...more

Check Your Inbox: OCR Continues to Verify Entity Contact Information for Phase 2 HIPAA Audits

Covered Entities need to continue to check their inboxes for emails from the HHS Office for Civil Rights (“OCR”) requesting verification of contact information in connection with Phase 2 of the HIPAA Audit Program. OCR...more

Coming Soon to Your Inbox! Phase 2 of OCR's Audit Program for HIPAA Compliance

On March 21, 2016, the Office of Civil Rights (OCR) in the Department of Health and Human Services (HHS) announced that it was ready to begin Phase 2 of its audit program for HIPAA compliance, which will include auditing...more

Health Law Wire: Recent HIPAA Settlements Highlight the Importance of Business Associate Agreements (5/16)

The Office of Civil Rights (OCR), the agency within the United States Department of Health and Human Services that enforces the HIPAA Privacy and Security Rules, recently sent a clear message about the importance of business...more

Recent Settlements and Upcoming Audits Highlight the Continuing Need to Focus on Core HIPAA Compliance Measures

Recent settlements and initiatives conducted by the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services highlight the continuing need for focus on compliance with the privacy and security...more

What's New with HIPAA?

A number of new developments have taken place related to Health Insurance Portability and Accountability Act (HIPAA) privacy and security compliance, and enforcement is increasing. Healthcare providers, health plans and other...more

Settlements reached for PHI Disclosures

In the last two months, the U.S. Department of Health and Human Services (“HHS”) announced two settlement agreements involving the disclosure of protected health information ("PHI"). In both instances, the health care...more

OCR Updates HIPAA Audit Protocol for Phase 2

Recently, the Office of Civil Rights (“OCR”) provided an updated protocol that it will use when assessing compliance with HIPAA rules. OCR recently began Phase 2 of its HIPAA compliance audits, extending coverage of these...more

Expansion of HIPAA audit program now underway

As detailed in our latest webinar, “Daunting but doable: Preparing for the next round of HIPAA audits,” the Office for Civil Rights (OCR) has begun implementing the first full-phase HIPAA audit program. The 2009 HITECH Act,...more

HIPAA Phase 2 Audits: Actions Not Just Words

Action Item: With the commencement of Health Insurance Portability and Accountability Act (“HIPAA”) Phase 2 audits, and the increase in HIPAA enforcement activity, covered entities and business associates need to take HIPAA...more

Phase 2 of the OCR HIPAA Audit Program Already Underway

On March 21, 2016, the Department of Health and Human Services, Office for Civil Rights (OCR) announced the launch of the long-awaited Phase 2 HIPAA Audit Program (Phase 2), and OCR activities related to Phase 2 are already...more

New HIPAA Phase 2 Audits: Targets Notified by Email Only

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced the long-awaited launch of Phase 2 of its HIPAA Audit Program (Phase 2 Audits). The Phase 2 Audits will review the policies...more

Spring Showers Bring HIPAA Breaches

OCR has announced several recent settlement agreements to resolve violations of the Health Insurance Portability and Accountability Act (“HIPAA”). These settlement amounts range from $25,000 to $3.9 million dollars and...more

OCR Releases Updated HIPAA Audit Protocol and Business Associate Listing Template

The Office of Civil Rights (OCR) recently updated the audit protocol that it will be using to assess Covered Entities’ and Business Associate’s compliance with the Health Insurance Portability and Accountability Act (HIPAA)...more

Two Additional HIPAA Settlements Demonstrate Breadth of HIPAA Enforcement Activity

During the week of April 18, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced two significant settlements with a large New York City hospital and a North Carolina orthopaedic...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Understanding when Business Associate Agreements are necessary can avoid costly and embarrassing enforcement actions

A recently publicized settlement with the Office of Civil Rights of the U.S. Department of Health and Human Services highlights that it is not only important to have a HIPAA-compliant form of business associate agreement...more

Not a Check-the-Box Exercise: Failure to Have Signed BAA Results in Substantial Fine

A group practice that was the victim of a silver-harvesting scam has agreed to pay the U.S. Department of Health and Human Services (“HHS”) $750,000 to settle charges that it released protected health information (“PHI”) of...more

287 Results
|
View per page
Page: of 12
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×