News & Analysis as of September 20, 2024

Compliance

+ Follow

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc. less -

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on 9/11/2024

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

[Event] Healthcare Privacy Compliance Academy - November 18th - 21st, Boston, MA

Health Care Compliance Association (HCCA) on 8/30/2024

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on 3/13/2024

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

The Long-Awaited Part 2 Modifications Are Finalized with New Obligations for Part 2 Providers and Less Friction for Sharing...

BakerHostetler on 3/1/2024

On February 8, 2024, the U.S. Department of Health & Human Services (HHS) released a final rule modifying 42 CFR Part 2 (Part 2) provisions regarding the confidentiality of Substance Use Disorder (SUD) Patient Records. The...more

After a Breach Is Too Late: Ensure BA, Subcontractor Compliance Now

Health Care Compliance Association (HCCA) on 3/25/2021

Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

Health Care Compliance Association (HCCA) on 1/26/2021

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on 8/14/2020

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

COVID-19 and Data Protection Compliance in the US

White & Case LLP on 4/15/2020

Irrespective of your industry, the current COVID-19 pandemic poses a new and unique challenge to organizations, their employees, and their customers. The emergence of COVID-19 has prompted organizations to collect and process...more

Report on Patient Privacy Volume 20, Number 3. Privacy Briefs: March 2020

Health Care Compliance Association (HCCA) on 3/19/2020

Report on Patient Privacy 20, no. 3 (March 2020) - As the new coronavirus, COVID-19, spreads across the United States, the HHS Office for Civil Rights (OCR) is reminding HIPAA covered entities and business associates that...more

[Event] March Privacy Compliance Academy - March 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on 1/16/2020

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

'Misinterpretation' of Breach Rule, Lack of Internal BAA Cost Hospital Group $2.1M

Health Care Compliance Association (HCCA) on 12/5/2019

Report on Patient Privacy 19, no. 12 (December 2019) - Sentara Hospitals, a nonprofit group of 12 medical centers in Virginia and North Carolina, will implement a fairly minimal two-year corrective action plan (CAP) and...more

OIG Reports Insufficient Oversight Of HIPAA Compliance

King & Spalding on 10/12/2015

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on 10/12/2015

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

HITECH Omnibus Rule Basics

Mintz - Privacy & Cybersecurity Viewpoints on 1/18/2013

As we pore through the 562-page HITECH Omnibus Rule released by the Department of Health and Services late yesterday afternoon, here are some top line bullet points...more

Finally! HHS Office of Civil Rights Releases HIPAA Omnibus Rule With Sweeping Changes to Compliance Requirements and Enforcement

Mintz - Privacy & Cybersecurity Viewpoints on 1/18/2013

The final regulations from Department of Health and Human Services Office of Civil Rights (OCR) containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule) have finally...more

15 Results

View per page

Page: of 1

Business Associates › Patient Privacy Rights › Compliance

"My best business intelligence, in one easy email…"