Business Associates Dept. of Health and Human Services

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
News & Analysis as of

Two Additional HIPAA Settlements Demonstrate Breadth of HIPAA Enforcement Activity

During the week of April 18, 2016, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced two significant settlements with a large New York City hospital and a North Carolina orthopaedic...more

Department of Health and Human Services Cracks Down on Vendor Oversight in Recent Hospital Settlements

From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more

Not a Check-the-Box Exercise: Failure to Have Signed BAA Results in Substantial Fine

A group practice that was the victim of a silver-harvesting scam has agreed to pay the U.S. Department of Health and Human Services (“HHS”) $750,000 to settle charges that it released protected health information (“PHI”) of...more

The Audit Protocol is Released, and Other Updated HIPAA Audits News

As we previously reported, the HHS Office for Civil Rights (OCR) launched Phase II of its audit program on March 21. Since that time, a significant amount of new information has emerged, including details regarding the...more

Employee Benefits & Executive Compensation Advisory: So You Heard About HIPAA Phase 2 Audits. What Should You Do Now?

As you may have recently read (for example, “HHS/OCR Announces Launch of HIPAA Audit Program Phase 2”), the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has started “Phase 2” of its audit...more

Digital Health Care Alert: Is Your Health Care App subject to HIPAA? The U.S. Department of Health & Human Services’ Office for...

OCR’s Compliance Guidance for Health Care App Developers - The U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) recently provided guidance (in the form of six “real-life” scenarios) to help...more

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

Phase 2 of HIPAA Audit Program Launched

The U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced on March 21, 2016 that it has officially launched Phase 2 of its Health Insurance Portability and Accountability Act...more

HHS OCR Announces Launch Of Long-Awaited Phase 2 HIPAA Audit Program

On March 21, 2016, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced the launch of its Phase 2 HIPAA compliance audits pursuant to which it will audit covered entities and...more

HHS Implements HIPAA Phase II Audit Program: What You Need to Know

Recently, the Health and Human Services Office of Civil Rights announced that it has implemented its HIPAA Phase II Audit Program. Some entities may have already received initial emails from the Office of Civil Rights (OCR)...more

HHS OCR Launches Phase 2 of HIPAA Audit Program–So What?

You have seen all the hysterical headlines — “The HIPAA audits are coming, the HIPAA audits are coming….” But when you really think about it, what is the big deal? If you are a HIPAA covered entity, you surely know by now...more

OCR Launches Phase 2 of HIPAA Audits

Five suggested steps healthcare organizations and their contractors should take to prepare. On March 21, the Office of Civil Rights (OCR) of the Department of Health and Human Services launched Phase 2 of the HIPAA Audit...more

Ready or Not, It’s Time For Phase 2 HIPAA Audits

On March 21st, the HHS Office for Civil Rights (“OCR”) officially launched Phase 2 of the HIPAA Audit Program. Covered Entities and Business Associates need to be prepared for these audits and be on the lookout for emails...more

HHS releases HIPAA guidance on care coordination and case management

In its third release of HIPAA guidance over the past few weeks, the Department of Health and Human Services (HHS) released“The Real HIPAA: Care Coordination, Care Planning, and Case Management Examples” to assist covered...more

HIPAA and Text Messaging

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

OIG Reports Insufficient Oversight Of HIPAA Compliance

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Is Your HIPAA Compliance Program Ready for the FTC?

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

Get Your Questions Ready

A lot has changed since the HIPAA Privacy Rule was finalized in 2002 and the HIPAA Security Rule was finalized a year later in 2003. The iPhone had not been released (that happened in 2007), Apple had just released the...more

Blog: HHS To Launch New HIPAA Audits in Early 2016 in Response to OIG Reports

The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and...more

Cure of Security Rule Violations Following Breach of EPHI Cannot Save Covered Entities from $750,000 Settlement; Non-Breach...

More than three years after the Cancer Care Group, P.C. (“CCG”) notified the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) of a breach of unsecured electronic protected health...more

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

St. Elizabeth’s Medical Center Pays $218,400 to Settle Alleged HIPAA Security Case Stemming from Use of Cloud-Based Document...

Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response. The US Department of Health and Human Services (HHS) Office for...more

Blog: HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically,...more

ONC Releases Privacy and Security Guidance Geared Toward Small Providers

The HHS Office of the National Coordinator for Health Information Technology (“ONC”) recently released a new and improved version 2.0 of their Guide to Privacy and Security of Electronic Health Information. This revamped...more

113 Results
|
View per page
Page: of 5
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×