Business Associates Data Protection

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
News & Analysis as of

Back to School – HIPAA 101

After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more

Proceed With Caution: Does HIPAA Apply to Your Business?

Even if your business is not in the health care industry, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act (HITECH...more

New Study Finds That Criminal Attacks Are The Number One Cause Of Health Sector Data Breaches

On May 7, 2015, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data (the “Study”), which surveyed 90 HIPAA covered entities and 88 business associates regarding their...more

Office of Civil Rights Delays Phase 2 Audits

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

Failure to take basic security measures may result in HIPAA penalties – 6 tips to keep up with updates and patches

Covered Entities and their Business Associates must comply with HIPAA’s Security Rule, or they may face substantial penalties. The Office of Civil Rights (OCR) recently shared a resolution agreement that emphasizes the...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

September 22, 2014: Quickly approaching deadline to amend business associate agreements

The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security...more

How To Catch-Up in a Revised HIPAA World

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

Privacy Monday – September 23, 2013: Today Is HIPAA Compliance Day – 5 Things That You Should Have Done

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule. In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape. Here...more

Breach Notification: New Rules!

If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more

HIPAA, Business Associates, and the Cloud

Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more

Business Associate Agreements: More Readily Accepted by Cloud Service Providers? Maybe

Although the HIPAA Omnibus Final Rule's expansion of business associate liability could create difficulties for healthcare providers and other covered entities seeking to negotiate business associate agreements with vendors...more

Think You’re Not Covered by HIPAA? Think Again.

The Department of Health and Human Services recently amended the Health Insurance Portability and Accountability Act regulations (“HIPAA Rules”) in a way that may make many companies, particularly those in the technology...more

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

HIPAA/HITECH Final Rule - Assessing Your Organization's Compliance Readiness

The long awaited HIPAA/HITECH Final Rule became effective March 26, 2013, but covered entities, business associates and subcontractors will have until September 23, 2013, to fully comply. ...more

The HIPAA Omnibus Final Rule—Data Privacy and Security Implications for Business Associates and Covered Entities

On January 17, 2013, the Office for Civil Rights (‘‘OCR’’) of the U.S. Department of Health and Human Services (‘‘HHS’’) published the HIPAA Omnibus Final Rule (‘‘Final Rule’’) which OCR has trumpeted as carrying ‘‘the most...more

The HIPAA/HITECH Final Rule has arrived!

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

Birmingham Medical News: I-Phone Or HIPAA-Phone?

With the recent issuance of the long-awaited final rule by the Department of Health and Human Services ("HHS"), the protection of patient information has been a hot topic among the health care industry the past few months....more

Scripts - April 2013

In This Issue: - Key Provisions In the Final Omnibus HIPAA/HITECH Rules and What They Mean for You - NLRB and EEOC May Target Employer Efforts to Keep Employees Quiet During Internal Investigations -...more

Newly Effective HIPAA Omnibus Rule Makes Sweeping Changes to HIPAA

The long-awaited final omnibus rule (Omnibus Rule) that modifies the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [1] took effect last week, on March 26, 2013. Leon Rodriguez, Director of the U.S....more

Time to Take Advantage of HIPAA Omnibus Rule's "Good News": Fundraising, Research, and Student Immunization Records

The Omnibus Rule went into effect on March 26, 2013. While covered entities and business associates have until Sept. 23, 2013, to comply with new restrictions and obligations, they can take advantage of the rule’s benefits...more

What We Need to Do to Comply with the Final HIPAA Rule: A Summary of the Privacy Obligations for Health Care Providers, Health...

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the highly anticipated Omnibus Rule, which makes extensive changes (as promulgated by the Health Information Technology for Economic and...more

97 Results
|
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×