Post Contributed by Alan Davis, Proteus Consulting Business Associate (BA) management is an important facet of a Covered Entity (CE) HIPAA security program. Yet many BAs are playing “catch up” to comply with the HIPAA Security Rule updates brought about by the HITECH Act. CEs are now challenging themselves to properly manage their BA relationships …
Outline: Health records are to be secured, exchanged and portable ,while credit card numbers are to be secured. Covered entities and their business associates (receiving any government reimbursements for healthcare treatment, payment or operations) are required to comply with HIPAA. Unlike finite PCI requirements, HIPAA encompasses security, privacy and rights, safety, quality improvement and eliminating …
Think PCI Can Replace HIPAA? 6 Points That Will Change Your Mind Read More »
Luckily, the answer to this question is a good one for covered entities. Business associates are liable for their own actions and every piece of protected information they are given. The important thing that covered entities need to be sure of is to properly enter into a contract that protects the privacy of protected information. …
Before September 23rd, 2013, business associates were subject to upholding the provisions in the contracts by which they were governed. That meant that the contracts controlled the type, amount, and use of protected information a business associate was able to handle. Now through the new HIPAA policy changes, covered entities no longer determine the liability …
Weren’t Business Associates Already Subject to HIPAA Before September 2013? Read More »
Last month, Google announced that they will sign a HIPAA Business associate agreement (BAA) with organizations who are using their Google Apps services: Gmail, Calendar, Drive, and Google Apps Vault. HIPAA (Health Insurance Portability and Accountability Act) is a set of laws requiring secure access to identifiable healthcare information. All organizations must comply in protecting …