Business Associates

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
News & Analysis as of

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Cloud Storage Provider?

This week, the HIPAA FAQ series continues with another topic about business associate agreements (BAAs). As most Covered Entities and Business Associates know, in the event that a Covered Entity utilizes a service provider...more

Proposed Registration of Associated Persons Involved With Algorithmic Trading Strategies

FINRA recently issued Regulatory Notice 15-06 requesting comments on the proposal that would require the registration of associated persons involved in the design, development or modification of algorithmic trading...more

Blog: HIPAA FAQ Series: Do You Need a BAA with Your Mail Carrier?

This week, the HIPAA FAQ series continues with a topic about business associate agreements (BAAs). Most Covered Entities and Business Associates are familiar with general BAA obligations. ...more

Blog: HIPAA FAQ Series: Does HIPAA Permit Communications via E-mail with PHI Subjects?

Last week, we introduced a new series to this blog that will cover frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). This week, the series continues by delving into a hot...more

Blog: HIPAA FAQ Series: Are Covered Entities Liable for Business Associates’ HIPAA Violations?

This post marks the beginning of a new series on this blog covering various frequently asked questions regarding the Health Insurance Portability and Accountability Act (HIPAA). ...more

Big Data Creates New Opportunities for Health Care Entities

Big Data — the ability to collect, process, and interpret massive amounts of information — has reached health care. Technology has created new business opportunities for health care entities — covered entities, business...more

Office of Civil Rights Delays Phase 2 Audits

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

News from the Health Law Gurus™:

News from the Health Law Gurus™ is a weekly summary of notable health law news from around the country with helpful links to related content. Check back every week for the latest health law news stories....more

HIPAA: Deadlines Pass and Definitions Change

For all covered entities and business associates, September 22 was the last day for business associate agreements (BAAs) to comply with the Omnibus HIPAA Rule (the Rule) released in January 2013. Before the Rule’s release,...more

IT Maintenance Crucial for HIPAA Compliance

The Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) recently announced an agreement with a medical center to settle charges stemming from the center’s failure to prevent malware from infecting its...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

Provider Beware: HIPAA and State Privacy Laws May Inform Negligence Suits

A recent opinion from the Connecticut Supreme Court illustrates that HIPAA is not the only law that covered entities and business associates must worry about if an unauthorized disclosure of protected health information (PHI)...more

Refill Reminders and the TCPA

The Telephone Consumer Protection Act (“TCPA”) presents another challenge as health care providers continue to engage patients and seek to meet Meaningful Use reminder objectives. Over the past year, there have been several...more

Ebola Outbreak Prompts HHS Bulletin on Application of HIPAA During Emergencies

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by Congress and signed by President Bill Clinton in 1996. According to the U.S. Department of Health and Human Services (HHS), the HIPAA Privacy Rule...more

Preparing for HIPAA Compliance Audits

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), the office responsible for administering and enforcing the Health Insurance Portability and Accountability Act of 1996 (HIPAA), will...more

HIPAA Privacy in Emergency Situations

In light of the Ebola outbreak and other events, the U.S. Department of Health and Human Services, Office for Civil Rights, released a bulletin to ensure HIPAA covered entities are aware of the ways in which patient...more

Health Headlines: Also in the News - November 2014 #3

HHS Releases Bulletin Clarifying HIPAA Privacy Rule in Emergency Situations – In light of the recent Ebola outbreak, HHS released a bulletin on November 10, 2014 “to ensure that HIPAA covered entities and their...more

Health Update - November 2014

“Healthcare-Related” Calls: Ambiguity at the Intersection of HIPAA and TCPA - Editor’s Note: The Federal Communications Commission (FCC) has established exemptions from certain requirements of the Telephone Consumer...more

HHS Issues Special HIPAA Guidance for Ebola Outbreak

The U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"), released a bulletin last week addressing how covered entities (including certain health care providers and employer group health...more

184 Results
|
View per page
Page: of 8

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×