News & Analysis as of

Business Associates HIPAA Omnibus Rule Protected Health Information

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Holland & Hart - Health Law Blog

HIPAA, Business Associates, and the Conduit Exception

Holland & Hart - Health Law Blog on

The HIPAA privacy and security rules impose significant requirements on covered entities and their business associates; violations may result in penalties ranging from $119 to $59,522 per violation. (45 CFR § 160.404; 45 CFR...more

Holland & Hart - Health Law Blog

Modified HIPAA Rules for Sending Records to Third Parties

Holland & Hart - Health Law Blog on

Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more

BakerHostetler

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

BakerHostetler on

In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more

Miller Canfield

Understanding When Business Associates Are Directly Liable Under HIPAA

Miller Canfield on

New guidance issued by the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) reaffirms that business associates must have proper HIPAA compliance practices, safeguards and documentation in place...more

FordHarrison

Business Associate Agreements May Require Amendment

FordHarrison on

The Omnibus Final Rule (the "Omnibus Rule") under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), was issued in January, 2013 effective March 26, 2013, but with a general compliance deadline of...more

Mintz - Health Care Viewpoints

Hearing to Address HIPAA Accounting of Disclosures

Mintz - Health Care Viewpoints on

The HHS Office of Civil Rights (OCR) announced that the Health Information Technology (HIT) Policy Committee’s Privacy and Security Tiger Team will hold a virtual, public hearing on Monday, September 30 from 11:45 a.m. to...more

Mintz - Privacy & Cybersecurity Viewpoints

Privacy Monday – September 23, 2013: Today Is HIPAA Compliance Day – 5 Things That You Should Have Done

Mintz - Privacy & Cybersecurity Viewpoints on

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule. In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape. Here...more

Spilman Thomas & Battle, PLLC

3 Weeks Left: Is Your Business Ready for HIPAA Compliance?

Spilman Thomas & Battle, PLLC on

The September 23, 2013 deadline for covered entities, business associates and their subcontractors to implement the new HIPAA rules is approaching quickly. In case you missed it, on January 25, 2013, the U.S. Department of...more

BakerHostetler

HIPAA, Business Associates, and the Cloud

BakerHostetler on

Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more

BakerHostetler

Business Associate Agreements: More Readily Accepted by Cloud Service Providers? Maybe

BakerHostetler on

Although the HIPAA Omnibus Final Rule's expansion of business associate liability could create difficulties for healthcare providers and other covered entities seeking to negotiate business associate agreements with vendors...more

Wilson Sonsini Goodrich & Rosati

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

Wilson Sonsini Goodrich & Rosati on

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

BakerHostetler

HIPAA/HITECH Final Rule - Assessing Your Organization's Compliance Readiness

BakerHostetler on

The long awaited HIPAA/HITECH Final Rule became effective March 26, 2013, but covered entities, business associates and subcontractors will have until September 23, 2013, to fully comply. ...more

Sands Anderson PC

The HIPAA/HITECH Final Rule has arrived!

Sands Anderson PC on

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

Smith Anderson

Newly Effective HIPAA Omnibus Rule Makes Sweeping Changes to HIPAA

Smith Anderson on

The long-awaited final omnibus rule (Omnibus Rule) that modifies the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [1] took effect last week, on March 26, 2013. Leon Rodriguez, Director of the U.S....more

Davis Wright Tremaine LLP

Time to Take Advantage of HIPAA Omnibus Rule's "Good News": Fundraising, Research, and Student Immunization Records

Davis Wright Tremaine LLP on

The Omnibus Rule went into effect on March 26, 2013. While covered entities and business associates have until Sept. 23, 2013, to comply with new restrictions and obligations, they can take advantage of the rule’s benefits...more

Burr & Forman

Burr Alert: Employer Obligations Under New HIPAA Rules

Burr & Forman on

With all of the attention garnered by healthcare reform, it would be easy to overlook the new HIPAA rules (the "Rules") applicable to covered entities under HIPAA, which include employer group health plans. Compliance with...more

Winstead PC

What We Need to Do to Comply with the Final HIPAA Rule: A Summary of the Privacy Obligations for Health Care Providers, Health...

Winstead PC on

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) published the highly anticipated Omnibus Rule, which makes extensive changes (as promulgated by the Health Information Technology for Economic and...more

Baker Donelson

Don't Get Pinched by New HHS PHI Rules

Baker Donelson on

HHS has released its much-anticipated final omnibus rule about protected health information. The rule addresses privacy and security issues, including defining a business associate and expanding individuals' rights to...more

Cozen O'Connor

Highlights of the Omnibus HIPAA/HITECH Final Rule

Cozen O'Connor on

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus...more

Poyner Spruill LLP

Final HIPAA/HITECH Rules: Compliance Actions for Employee Benefit Plans

Poyner Spruill LLP on

The Department of Health and Human Services recently released final regulations modifying the HIPAA Privacy, Security Breach Notification and Enforcement Rules (the “Omnibus Rule”). These regulations have far-reaching effects...more

Dickinson Wright

The HIPAA “Omnibus” Final Rule Part II - Revisions to Business Associate Definition, Liability and Obligations, Certain Individual...

Dickinson Wright on

The United States Department of Health and Human Services (the “Department” or “HHS”) issued the “Omnibus” Final Rule (the “Final Rule”) on January 17th, 2013. The Final Rule contains long-awaited rules and clarifications...more

BakerHostetler

Special Edition: Health Law Update - February 28, 2013

BakerHostetler on

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

K&L Gates LLP

HIPAA’s New Rules: Expanding Scope, Clarifying Uncertainties, & Reinforcing Fundamentals

K&L Gates LLP on

On January 25, 2013, the Secretary for the United States Department of Health and Human Services, Office for Civil Rights (the “Department”) officially published the long-awaited final regulations (the “Final Rule”)...more

Snell & Wilmer

New HIPAA Omnibus Regulations – What Employers Who Sponsor Group Health Plans Need to Know to Comply

Snell & Wilmer on

On January 25, 2013, the Department of Health and Human Services (HHS) published final regulations that modify the Privacy, Security, Enforcement and Breach Notification Rules issued pursuant to the Health Insurance...more

Mintz - Privacy & Cybersecurity Viewpoints

The New HIPAA Omnibus Rule & Your Liability — A Detailed Review

Mintz - Privacy & Cybersecurity Viewpoints on

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more

67 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide