HIPAA Blog Posts: HIPAA Business Associates

Small Insurance Agent Gets HIPAA Compliant with The Compliance CO-OP

"I know each month when I get my compliance meter (monthly report card) that I have done all I can do to be HIPAA compliant for that month. At the end of the day, if there is a breach or the Department of Health and Human Services knocks on your door and asks for to prove you are in compliance with HIPAA/HITECH, I can, without a doubt, prove that I am in compliance." Burman Clark, Muneris Benefits

Continue reading…

"PHI warnings" in communications -- a potential source of unintended security breach? Fox Rothschild LLP

"Finally, if PHI is sent to a recipient prior to the parties’ execution of a compliant BAA and implementation of policies and procedures to protect PHI properly, a PHI Warning is unlikely to mitigate the liability of the sender (or recipient) for a security breach under HIPAA/HITECH."

Continue reading…

Business Associates Cause 42% of HIPAA HITECH Data Breaches

 The Ponemon Institute’s 2009 study of data breach costs indicates that 42 percent of the breach incidents studied were caused by third-party mistakes, and the involvement of those third parties increased the cost of the breaches by 12 percent.

Continue reading…

HIPAA Violations Not Always Due to Patient Data Breaches

You don't have to have a patient data breach to be guilty of HIPAA violations.  If you don't have a compliant privacy and security program in place today you are probably already in breach of HIPAA rules.

Continue reading…

HIPAA HITECH Compliance in 2 Hours a Week: The Compliance CO-OP

With a personal Helper answering your questions, an investment of 2 hours a week, and at a cost under $500 per year, your small (1-5 employees) company can be on the path to HIPAA HITECH compliance.

Continue reading…

HIPAA Medical data breaches most often caused by theft

An analysis of HHS information finds the biggest security leaks come from stolen laptops and removable memory technology. The take-home message: Keep devices locked up.By Pamela Lewis Dolan, amednews staff. Posted Sept. 3, 2010.

Continue reading…

HIPAA Violations with Paper Records by Business Associate and Sub-Contractor

Four Massachusetts community hospitals are investigating how thousands of patient health records, some containing Social Security numbers and sensitive medical diagnoses, ended up in a pile at a public dump.  The unshredded records included pathology reports with patients’ names, addresses, and results of breast, bone, and skin cancer tests, as well as the results of lab work following miscarriages.  By Liz Kowalczyk Globe Staff / August 13, 2010

Continue reading…

Business Associates Must Comply with Ther HIPAA Contracts, Now!

"Holding a business associate contractually liable, not only for improper uses and disclosures of PHI, but also for compliance with all other requirements of the Privacy Rule that pertain to the performance of the business associate's contract"  Reinhart Boerner Van Deuren SC

Continue reading…

44% of CIOs say Business Associates Not Ready for "Meaningful Use":Pricewaterhouse Coopers Study Shows

44% of CIOs say they are concerned that the external vendors they rely on in health information exchanges are not prepared for meaningful use implementation according to a survey done by Pricewaterhouse Coopers.

Continue reading…

Business Associates Liable for Breach of Their Business Associate Agreements, Effective February 17, 2010

Consequently, effective Feb. 18, 2010, the HITECH Act makes business associates both contractually liable to a covered entity for breach of the business associate agreement with the covered entity and civilly and criminally liable to the government for violations of those Security Rule requirements and the Privacy Rule's business associate agreement requirements. 

The Politics of Health Care


OCR Issues Proposed Modifications to HIPAA Privacy and Security Rules

Published August 11, 2010 7:24 AM by Frank Irving

Continue reading…