HIPAA Blog Posts: HIPAA Business Associates

Business Associate Breach Costs Stanford Hospital $4 Million Dollars

 The $4 million settlement of a class action lawsuit filed under California law, not HIPAA, was announced by Los Angeles County Superior Court Judge Elihu Berle.  The breach was caused when Stanford handed over encrypted data to Multi-Specialty Collection Services which ended up posted on a student website where it was available to the public for over a year.

Continue reading…

HIPAA Business Associate Breach Triggers Class Action Lawsuit

 A class action lawsuit has been filed against Los Angeles County and a vendor that handles patient billing and payment collections for the county's departments of health services and public health in the wake of a breach last month affecting 168,500 individuals.  The breach was the result of a Feb. 5 theft of eight unencrypted desktop computers from the Torrance, Calif. office of Sutherland Healthcare Services, the billing and collections business.  Class Action Suit Filed in L.A. Breach, Seeking Damages in Wake of Computer Theft Incident, By Marianne Kolbasuk McGee, March 19, 2014. Follow Marianne @HealthInfoSec

Continue reading…

Monitor Business Associates Compliance

 Law firm recommends that covered entitiesand business associates "investigate subcontractors' data protection practices, including by way of reviewing third party audit reports and written data security policies where available".  Interestingly this is not a HIPAA issue, yet but the FTC despite the fact that it is a healthcare transcripton company that caused the breach.

Continue reading…

HIPAA Businees Associate Agreements and Omnibus Rule

 The HIPAA Omnibus Rule has created a new dialogue about HIPAA business associate agreements. Business associates need to be very careful about signing business associate agreements as covered entities and business associates are trying to shift liability to their business associates or sub-contractors.

Continue reading…

HIPAA Business Associate Audits

 HHS will be starting HIPAA business associate audits in 2014, but the most likely source of an audit is a covered entity or business associate seeking "satisfactory assurances that you are HIPAA compliant.

Continue reading…

HIPAA for Insurance Producers

 The HIPAA Omnibus Rule has changed the requirements for insurance producers and Compliance Helper has responded with a special program to help them get compliant, stay compliant, and prove compliance with our Compliance Meter(tm).

Continue reading…

HIPAA Compliance for Health Insurance Producers

 September 23, 2013 was the deadline for all health insurance producers to be HIPAA compliant.  A new tool from Compliance Helper helps them get compliant, stay compliant, and prove compliance for only $99 setup and $35 per month.

Continue reading…

HIPAA Omnibus Rule and Business Associates

 First there was HIPAA, then HITECH, now Omnibus, what is a business associate supposed to do?  Well since 60% of business associates surveyed had never heard of the Omnibus Rule get educated is critical.

Continue reading…

What Next with HIPAA Omnibus? David Finn of Symantec on Top Compliance Challenges

What Next with HIPAA Omnibus? David Finn of Symantec on Top Compliance Challenges "It's going to be imperative that covered entities monitor and know what the business associates are doing, but they're not going to realistically be able to do that themselves."  

Continue reading…

HIPAA Compliance Software for Business Associates

 HIPAA compliance software for business associates is different from HIPAA compliance software for covered entities.  The difference is the need for on-going proof of compliance to satisfy their covered entities.

Continue reading…