News & Analysis as of

Business Associates Privacy Rule

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Health Care Compliance Association (HCCA)

OCR Targets Three Dentists in New Enforcement Actions; Nixes Political Use of PHI, Review Backlash

Report on Patient Privacy 22, no. 4 (April, 2022) - By many measures, David Northcutt’s unsuccessful 2018 bid for the Alabama senate was a costly one. Northcutt, a dentist, loaned his campaign $73,000 throughout the...more

Williams Mullen

Another Key to HIPAA Compliance – Have Policies and Procedures and Implement Them, Too

Williams Mullen on

On this blog, we have discussed the criticality of risk analyses – the assessment required by the Security Rule of the “risks and vulnerabilities” that an organization faces with respect to all of its electronic protected...more

BCLP

Healthcare Data Breach Enforcements and Fines

BCLP on

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

McDermott Will & Emery

OCR Explains How Information Blocking Violates HIPAA

McDermott Will & Emery on

The US Department of Health and Human Services Office for Civil Rights recently posted guidance clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a...more

Mintz - Health Care Viewpoints

HHS Publishes Guidance on HIPAA and Cloud Computing

On October 7, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance. As discussed below,...more

Orrick, Herrington & Sutcliffe LLP

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Mintz - Health Care Viewpoints

OCR’s New Bulletin on Ensuring Privacy in Public Health Emergencies

This week, the HHS Office of Civil Rights (OCR) issued a bulletin (Bulletin) to remind covered entities and business associates that “the protections of the Privacy Rule are not set aside during an emergency.” The...more

Spilman Thomas & Battle, PLLC

3 Weeks Left: Is Your Business Ready for HIPAA Compliance?

The September 23, 2013 deadline for covered entities, business associates and their subcontractors to implement the new HIPAA rules is approaching quickly. In case you missed it, on January 25, 2013, the U.S. Department of...more

Snell & Wilmer

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

Snell & Wilmer on

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

McDermott Will & Emery

OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH...

McDermott Will & Emery on

On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more

Mintz - Privacy & Cybersecurity Viewpoints

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

The Volkov Law Group

Expanding The Reach Of HIPAA Data Security And Privacy Requirements

The Volkov Law Group on

In this information technology era, it is little wonder that the Obama Administration has made enforcement of data security and privacy protections a top priority. The enforcement emphasis reflects public opinion favoring...more

Pullman & Comley, LLC

HIPAA Rules Overhaul Ups Compliance Ante

Pullman & Comley, LLC on

Originally posted in Hartford Business Journal on February 11th, 2013. Attention all medical providers, hospitals and any other covered entity or business associate under HIPAA. On Jan. 17, the U.S. Department of Health...more

Pillsbury Winthrop Shaw Pittman LLP

Omnibus Final Rule Issued on HIPAA/HITECH Act: Significant Changes for ‘Business Associates’

On January 25, 2013, the Department of Health and Human Services published the much-anticipated Omnibus Final Rule (the “Final Rule”), which, with respect to business associates and their subcontractors, conforms HIPAA’s...more

Snell & Wilmer

What Employers That Maintain Group Health Plans Need to Know About the HIPAA Omnibus Regulations

Snell & Wilmer on

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

Polsinelli

Breaking Down The HIPAA Rule Changes: Part 2 Of 5 - Changes Affecting Who Is A Business Associate And New Business Associate...

Polsinelli on

In This Issue: - Expansion of, Clarifications to, and Explicit Inclusions in the Definition of BA - BAs’ Direct Liability Under the Final Rule - BAAs: Required Provisions Under the Final Rule and the Compliance Date ...more

Womble Bond Dickinson

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Womble Bond Dickinson on

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

Littler

What Do Employers Really Need to Know About the New HIPAA/HITECH Omnibus Final Rule?

Littler on

The Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act Omnibus Rule, published in the Federal Register Jan. 25, makes many changes to the HIPAA Privacy Rule,...more

Burr & Forman

Burr Alert: New HIPAA Rules Issued: “Sweeping” Changes For Healthcare Providers And Business Associates

Burr & Forman on

On January 17, 2013, the Department of Health and Human Services (“HHS”) released its long awaited final HIPAA rule, which significantly expands certain obligations for healthcare providers and their business associates (the...more

Bradley Arant Boult Cummings LLP

HIPAA and HITECH Privacy and Security Rule Update: Final Omnibus Rule

The Office of Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”) published today the much anticipated final omnibus rule implementing the Health Information Technology for Economic and Clinical Health...more

20 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide