HIPAA Blog Posts: HIPAA Business Associates

The BA HIPAA HITECH Compliance Plan; A Reasonable and Applicable Solution

The BA HIPAA HITECH Compliance Plan is reasonable in cost and effective for both covered entities and business associates.

Continue reading…

"The HHS technically could claim "willful neglect" if you don't actively ensure compliance with HIPAA HITECH"

Rebecca Herold, reporting from the frontlines at IAPP reported that an attorney from Deloitte stated in a HIPAA HITECH session that  "The HHS technically could claim willful neglect if you don't actively ensure BA compliance with HIPAA/HITECH."  He qualified his statement by saying that this was still a topic for discussion in the healthcare legal community.
 

Continue reading…

Slow Hospital Compliance with New Regulations Causing Increased Data Breaches & Medical Identity Theft

A national survey conducted by Identity Force found that the pandemic of data breaches and medical identity theft remains at critical levels throughout hospitals in the United States despite new regulations, including the HITECH Act, meant to protect the security of patients’ personal information.

Continue reading…

What are "Satisfactory Assurances" that a Business Associate is compliant with HIPAA HITECH?

§ 164.308 Administrative safeguards.
(b)(1) Standard: Business associate contracts and other arrangements. A covered entity, in accordance with §164.306, may permit a business associate to create, receive, maintain, or transmit electronic protected health information on the covered entity's behalf only if the covered entity obtains satisfactory assurances, in accordance with §164.314(a) that the business associate will appropriately safeguard the information.
 

Continue reading…

Lauren Kovach, IBM Security Solutions, says make sure your business associates understand their HIPAA HITECH responsibilities.

HITECH Compliance: IBM's Lauren Kovach
April 15, 2010 - Howard Anderson, Managing Editor, HealthcareInfoSecurity.com.

Healthcare organizations need to take steps to ensure their business associates understand their requirements under the HITECH breach notification rule, says Lauren Kovach of IBM Security Services.

Continue reading…

HIPAA HITECH SOlUTIONS Webinar April 27, 2010 11:00am EDT

You have heard a lot talk about the HIPAA HITECH problems but here are the solutions to your four most urgent problems.

Continue reading…

HIPAA HITECH in Effect for Business Associates

"Any entity that comes into possession of PHI (even temporarily or indirectly) in connection with the services it provides to other entities must ensure that it is acting in compliance with the requirements of HIPAA and the HITECH Act."  The OCR delay in defining certain rules does not mean the HIPAA HITECH requirements have been delayed, they are effective now. 

Continue reading…

275,000 cases of medical identity theft in 2009

 According to market research firm Javelin Strategy & Research, data theft and other fraudulent activities related to the exposure of EMR data more than doubled in 2009. There were more than 275,000 cases of theft of medical information in the United States in 2009. Javelin expects that incidents of fraud will continue to increase as more medical providers increase their use of EMR.

Continue reading…

Would your state Attorney General prosecute for HIPAA HITECH Breaches?

State Attorneys General will prosecute for HIPAA HITECH violations.

Continue reading…

Insurance Broker Association Urging Members to Start HIPAA HITECH Compliance

An insurance broker confided that their association had urged them to get started on compliance despite the lack of clarity about the business associate rules.  The law is clear that they need policies and procedures, a privacy officer, and training for their staff.

Continue reading…