HIPAA Blog Posts: HIPAA Business Associates

New HIPAA HITECH Solution: The Compliance Master Program Manages an Entire Enterprise

With the release of the Master Program, Compliance Helper now has HIPAA HITECH solutions for the largest covered entities and business associates, as well as the smallest Sub-Contractor.

Continue reading…

HIPAA: the new enforcement culture, Ober Kaler, James B. Wieland

"However, as the health care system moves inexorably towards electronic health records — and as more and more protected health information is stored and moved in electronic form — all covered entities should be paying attention to the security of their information systems, because the culture of HIPAA compliance is changing."  

Continue reading…

Automatic fines: HITECH, HIPAA and willful neglect the importance of policies and procedures,Dickinson Wright PLLC, Craig A. Phillips and Tatiana Melnik

"Business associates. The HITECH Act expanded the scope and application of HIPAA to directly apply several of HIPAA’s security and privacy requirements to business associates. Among other provisions, this expansion includes the Policies and Procedures and Documentation Requirements outlined in 45 CFR § 164.316, which requires organizations to “[i]mplement reasonable and appropriate policies and procedures to comply with the standards, implementation specifications, or other requirements” of the Security Rule."

Continue reading…

Medical ID (PHI) Targeted by Digital Thieves

"The going price of a medical ID, a Medicare number, is actually significantly higher than a Social Security number," Adam Greene, senior health IT and privacy specialist in HHS' Office for Civil Rights

Continue reading…

"Periodic Audits" Included in HIPAA HITECH Final Rule

Additionally, OCR, developing a HITECH Act required "periodic audit" plan, which will be targeted to ensure that covered entities and business associates comply with the requirements of the Privacy and Security Rules.    

Continue reading…

HIPAA HITECH "Satisfactory Assurances": The Compliance Meter (tm)

§ 164.308 Administrative safeguards.
(b)(1) Standard: Business associate contracts and other arrangements. A covered entity, in accordance with §164.306, may permit a business associate to create, receive, maintain, or transmit electronic protected health information on the covered entity's behalf only if the covered entity obtains satisfactory assurances, in accordance with §164.314(a) that the business associate will appropriately safeguard the information.

Continue reading…

HIMSS Study: 25% of Medical Practices Don't Do Risk Assessments (I think it's 80%)

"According to the survey, 75 percent of all respondents stated they perform a risk assessment at their organization, similar to the findings of the 2009 survey. However, this year's survey included a greater representation of medical practices, where twice as many respondents reported that their practice does not conduct a risk analysis (33 percent) compared to those who work at a hospital (14 percent)."

Continue reading…

HIPAA HITECH Compliance: The Cost

Case studies reveal cost of HIPAA HITECH compliance is much less than expected.

Continue reading…

Covered Entities Asking Business Associates for HIPAA HITECH Proof

"Covered entities should request due diligence documentation from their business associates and ask their system vendor(s) to provide the new accounting of disclosures functionality and have it tested by Jan. 1, 2011, to accommodate their consumers, if only a few, who ask for an accounting of disclosures.

We also recommend that covered entities begin to review their current NPP and P+Ps, and begin to draft changes that accommodate the new accounting of disclosures requirements. Once the new NPP and P+Ps become final, covered entities should train their work force accordingly." HITECH Accounting of Disclosures, Gerry Blass and Susan Miller JD

Continue reading…

100th HIPAA HITECH Blog: How To Manage Your Business Associates and Sub-Contractors

The major shift has been the law firms acknowledging that covered entities are responsible for their business associates and their sub-contractors.  Compliance Helper has developed the Compliance Meter tm  and The Compliance CO-OP for effectively managing BAs and Subs.

Continue reading…