HIPAA Blog Posts: HIPAA Business Associates
If you qualify for our Jumpstart program you can get a Free HIPAA Risk Assessment here: www.compliancehelper.com/free-hipaa-risk-assessment/ . If you don't qualify but still need a risk assessment we would be happy to talk with you about our automated HIPAA risk assessment tool that is cost effective and meets the highest standards.
Got an up to date HIPAA risk assessment? Got an up to date, written, set of policies and procedures? Got documented staff training? If not HIPAA auditors or your business partners "gotcha".
HHS audits for business associates will start in 2015 but they are the tip of the iceberg. Audits by covered entities are a much greater threat to business associates.
I just read, Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents by Daniel Solove, who is a professor at George Washington Law school and it certainly rang true to me.
Intermedix, a medical billing company and business associate, was sued for not protecting PHI which caused a breach and failing to notify patients of the breach.
8% of surveyed healthcare executives said that they were HIghly Confident that their business assocates were HIPAA compliant in the 2015 Healthcare Information Security Today Survey. 68% were either neutral or not confident.
The Indiana Attorney General filed a complaint for violation of the Indiana Disclosure of Security Breach Act and HIPAA against Dr. Beck. Dr. Beck had hired an outside vendor (business associate) to dispose of paper records but the records were discovered in a dumpster. In a consent decree he agreed to a $12,000 fine.
A lawsuit can be won against a company that does not maintain HIPAA compliance. In a recent case: “Reviewing a $1.44 million jury verdict, an Indiana appellate court affirmed that the plaintiff had raised a viable claim of negligence based on using HIPAA as the standard of care.”
If you still have "grandfathered" HIPAA business associate agreements (BAA) in place they may expire on September 22, 2014. BAAs that were in effect prior to January 25, 2013 were given until September 22, 2014 at the latest to be updated. If this has not been done you will be out of HIPAA compliance at that time.
Are Health Insurance Producers Your Greatest HIPAA Liability? If you are a health insurance carrier, agent, broker, or managing general agent and don’t demand proof of HIPAA compliance from your producers you are taking a huge financial risk.