Health and Human Services defines a Business Associate as, “any entity or person that is not directly employed by a provider, but who works with and on behalf of the provider and has access of the PHI of the provider’s patients.” Examples of Business Associates include: Accountants Attorneys Billing companies Coders Collection companies and their …
Business Associate Agreements (BAA) and Microsoft Office 365 Read More »
With the recent Coronavirus outbreak, many healthcare professionals and business associates have questions about staying HIPAA compliant during a public health emergency. It can be confusing to know what information to trust. We have complied a list below of trusted sources for COVID-19 updates and HIPAA. COVID-19 Resources: CDC.gov/coronavirus WHO.int/emergencies/diseases HIPAA and COVID-19 Resources: 2019 …
Back in 2013, when Edward Snowden was in Hong Kong revealing he leaked documents detailing mass-surveillance programs by the U.S. government, the Department of Health and Human Services (HHS) was creating the Final Omnibus Rule. This rule extended its regulatory reach beyond covered entities (e.g. healthcare providers, health plans, and clearinghouses) to business associates who …
Am I a business associate under HIPAA? Why should I care? Read More »
Earlier this month, the U.S. Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR) released an updated version of their Security Risk Assessment Tool (SRAT). We have been following the development of this toolkit since its inception in 2011 as the HSR toolkit and reviewed V2.0 in early 2014. Each time a new version is released, HIPAA One gathers with a few trusted industry partners to review the changes and updates so that we may accurately counsel healthcare providers, payers and business associates on the pros and cons of utilizing this free, government-issued application.
A recent HHS Office for Civil Rights email blast outlined a story that many of us have heard before, another business closed with significant monies paid out in fines. Filefax, Inc. has agreed to pay $100,000 in order to settle potential violations of the HIPAA Privacy Rule. Once a medical records storage company for covered …
Too often there are misconceptions about new laws or policies because there has been too little effort to educate or to elaborate on details concerning the changes that the new laws or policies will effect. That is the case with the new HIPAA laws that have been in effect since September 2013. Evidence of this …
Knowing the distinction between a covered entity and a business associate is essential because the Health Insurance Portability and Accountability Act Privacy Rule is administered differently between the two. If you understand the difference, then you understand who has access to your medical data and what authority they possess to do with that medical information. …
What’s The Difference Between A Covered Entity & Business Associate? Read More »