News & Analysis as of

Business Associates

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Amundsen Davis LLC

AI in Health Care: What Privacy Officers Need to Know to Remain HIPAA Compliant

Amundsen Davis LLC on

Artificial intelligence (AI) is everywhere you look now, boasting an ability to streamline workflow and boost efficiency—and the health care industry is no exception. Whether used for billing, patient care, or diagnostic...more

Stevens & Lee

Innovation and Privacy Protection: Managing Third-Party Risks in Data-Driven Health Care

Stevens & Lee on

Health care organizations increasingly rely on third-party digital solutions such as tracking pixels, analytics platforms and cloud-based services to enhance patient engagement, streamline operation, and expand telehealth...more

Fox Rothschild LLP

HIPAA, but for non-Covered Entities?

Fox Rothschild LLP on

New bill, proposed by Bill Cassidy (R-LA), Chair of the Senate Health, Education, Labor and Pensions Committee (HELP), purports to apply the privacy and security practices under the HITECH Act, to entities that process non...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 8th - 11th, Anaheim, CA

Health Care Compliance Association (HCCA) on

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Constangy, Brooks, Smith & Prophete, LLP

Texas federal court vacates most of HIPAA Reproductive Privacy Rule

Constangy, Brooks, Smith & Prophete, LLP on

Here’s what businesses need to know. Until recently, the privacy rule under the Health Insurance Portability and Accountability Act, (“HIPAA”), was not the focus of political or legal controversy. However, in June 2025, a...more

Dinsmore & Shohl LLP

[Webinar] Lessons from Recent HIPAA Enforcement Actions: Risk Analysis, Implementation, and Incident Response Planning - October...

Dinsmore & Shohl LLP on

HIPAA privacy and security requirements are complex, and the failure to comply can be costly. When a security incident involving protected health information (PHI) occurs, the U.S. Department of Health and Human Services,...more

BCLP

The HIPAA Trap (Part 2): Are You Actually a Business Associate?

BCLP on

Whenever the topic of health and medical data comes up, there is often a prevailing assumption that this information is subject to the federal Health Insurance Portability and Accountability Act (HIPAA) just by virtue of...more

Jackson Lewis P.C.

California Assembly Bill 45: New Privacy Around Healthcare Facilities

Jackson Lewis P.C. on

Recently, California’s Governor signed Assembly Bill (AB) 45, which builds on existing California laws, such as the Confidentiality of Medical Information Act, seeking to protect individuals seeking certain healthcare...more

Clark Hill PLC

Transmission security has a critical role in healthcare

Clark Hill PLC on

In November 2024, the U.S. Department of Health and Human Services’ Office of Civil Rights announced a new enforcement initiative focusing on the requirement under the Health Insurance Portability and Accountability Act of...more

Vorys, Sater, Seymour and Pease LLP

Benefits Brief: Key Developments for Employers’ Disclosure of Reproductive Health Care Under HIPAA

Vorys, Sater, Seymour and Pease LLP on

In 2024, the Department of Health and Human Services (HHS) modified the HIPAA privacy rules to add disclosure limitations for protected health information (PHI) related to reproductive health care for certain non-health care...more

Epstein Becker & Green

All is Not Lost as the Sun Sets on the HIPAA Reproductive Health Rule

Epstein Becker & Green on

In a June 2025 decision in Purl v. United States Department of Health and Human Services, the United States District Court for the Northern District of Texas vacated the 2024 HIPAA reproductive health rule (the “Rule”), which...more

Health Care Compliance Association (HCCA)

Missing Risk Analysis Cost NY CPA Firm $175K—But Not the Big Group Whose Data Was Breached in 2019

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 25, no. 9 (September, 2025) - Covered entities (CEs) and business associates (BAs) might be forgiven if the most recent HHS Office for Civil Rights (OCR) HIPAA enforcement action evoked little more...more

Parker Poe Adams & Bernstein LLP

Protecting Privacy: NC Court Reaffirms Privacy Obligations for All Health Care Entities in North Carolina

Parker Poe Adams & Bernstein LLP on

The North Carolina Business Court reaffirmed this spring an earlier decision holding that health care entities in North Carolina have a common law duty to protect patient information independent of requirements under the...more

Foley Hoag LLP - Security, Privacy and the...

HHS Unveils Version 3.6 of the Security Risk Assessment Tool: What Covered Entities and Business Associates Need to Know

Foley Hoag LLP - Security, Privacy and the... on

Anyone who has wrestled with the HIPAA Security Rule’s risk‐analysis requirement knows that the government’s free Security Risk Assessment (“SRA”) Tool can be a practical starting point—particularly for resource-constrained...more

Health Care Compliance Association (HCCA)

The Business Associate Close Out Process

Health Care Compliance Association (HCCA) on

Things are a bit out of balance when it comes to Business Associates (BAs) in healthcare. Organizations invest a great deal of time and resources in vetting these third parties to make sure that they will safely handle data...more

Mintz - Health Care Viewpoints

OCR Releases New HIPAA Security Risk Assessment Tool

Mintz - Health Care Viewpoints on

In a move that underscores the growing urgency around health care cybersecurity, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has released version 3.6 of its Security Risk Assessment...more

Ankura

[Webinar] Navigating HIPAA Security Rule Compliance in the Era of AI and Digital Health - September 17th, 9:00 am - 10:00 am PT

Ankura on

The threat landscape is evolving, regulatory expectations are rising, and the stakes are higher than ever as digital health intersects with artificial intelligence. Join legal, compliance, and security experts from Wilson...more

Troutman Pepper Locke

3 Takeaways From Recent Cyberattacks On Healthcare Cos.

Troutman Pepper Locke on

Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more

NAVEX

5 Essential Healthcare Compliance Laws and Regulations

NAVEX on

Healthcare compliance is the process of following the laws, regulations and ethical standards that govern the healthcare industry. It ensures that healthcare organizations protect patient safety, maintain data privacy and...more

Smith Anderson

$175K HIPAA Settlement Underscores Business Associate Risk Analysis Obligations

Smith Anderson on

In a recent settlement with an accounting firm, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) reinforced its ongoing commitment to holding business associates accountable for the...more

Jackson Lewis P.C.

OCR’s “Risk Analysis” Enforcement Initiative Continues Against Another Business Associate

Jackson Lewis P.C. on

On August 18, 2025, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with BST & Co. CPAs, LLP (BST). The announcement continues OCR’s escalating enforcement of the HIPAA...more

Kerr Russell

It’s Time to Update Your HIPAA Notice of Privacy Practices (and Other Practice Documents)

Kerr Russell on

Last year, the Office for Civil Rights (OCR) at the U.S. Department of Health & Human Services (HHS) issued a Final Rule to modify the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to...more

Ankura

Proposed Changes to HIPAA Security Rule: Strengthening Cybersecurity for Electronic Protected Health Information

Ankura on

Recently proposed amendments to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule are designed to enhance the cybersecurity of electronic protected health information (ePHI). These updates aim to...more

BCLP

The HIPAA Trap: Are You Actually a Covered Entity?

BCLP on

Whenever the topic of health and medical data comes up, the prevailing assumption often is that any of this information is subject to the federal Health Insurance Portability and Accountability Act (HIPAA) just by virtue of...more

Maynard Nexsen

Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon...

Maynard Nexsen on

This week on the podcast, Lynnsey and Lauren are joined by their colleague, Maynard Nexsen healthcare attorney Shannon Lipham, who helps healthcare providers and practices navigate complex federal and state regulations....more

779 Results
 / 
View per page
Page: of 32
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide