HIPAA Blog Posts: HIPAA Business Associates

HIPAA Audit Questionnaire

If you were lucky enough to not receive one, here is the questionnaire that is going out to all potential audit winners.  http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/questionnaire/index.html 

Continue reading…

The BA Agreement Is Not Sufficient for "Satisfactory Assurances"

Just getting your business associates to sign a BA agreement is not enough.  You need "satisfactory assurances" such as documented HIPAA security awareness training, to protect you.

Continue reading…

OCR says: Comprehensive HIPAA Risk Assessment Required

OCR Director, Jocelyn Samuels, reinforced the need for an enterprise-wide assessment when she stated, “[a]ll too often we see covered entities with a limited risk analysis that focuses on a specific system such as the electronic medical record or that fails to provide appropriate oversight and accountability for all parts of the enterprise.” 

Continue reading…

Covered Entities and Business Associates Linked in Audits

If a covered entity is audited, their business associates will be included in the audit, and if the business associate fails, so does the covered entity.

Continue reading…

Business Associates Need Proof of HIPAA Compliance

To guard against data breaches, healthcare organizations must demand more proof of how their business associates are safeguarding patient data and mitigating related risks, says privacy and security expert Daniel Schroeder.

Continue reading…

HIPAA Risk Assessment Explained

Getting a HIPAA risk assessment is a requirement but what is the definition of a HIPAA risk assessment and what should you buy?

Continue reading…

Store PHI? You are a Business Associate

If you store either PHI (Protected Health Information) or EPHI (Electronic Protected Health Information) you are a business associate and must be HIPAA compliant.

Continue reading…

No Risk Assessment, No Business Associate Agreement: $3.5 million fine.

A healthcare insurer received a $3.5 million fine and CAP (Compliance Action Plan) for multiple breaches caused by no policies, no risk assessment, and no business associate agreement with a major vendor.

 

Continue reading…

Business Associates: A HIPAA Enforcement Priority?

Industry experts are calling for more enforcement of HIPAA regulations on business associates, according to this article in healthcareinfosecurity.com.

Continue reading…

Business Associates: HIPAA Compliance in 72 Hours

Business associates can go from zero to HIPAA compliance in 72 hours with the new Jumpstart program from Compliance Helper and ACR2 Solutions.  This includes an initial risk assessment, policies, training, and an updated risk assessment.  Everything you need to prove that you are HIPAA Compliant.

Continue reading…