By Jack Anderson
November 19, 2012
In this recent artilcle speculation about the Omnibus Package and its effect on healthcare organizations is discussed. It points out again the need for covered entities to monitor the HIPAA compliance of their business associates. While HHS is not enforcing this with business associates the law still requires them to be compliant and for covered entities to get :suitable assurances” that they are compliant.
As pointed out by Adam Greene in this article business associates have become a major liability for covered entities with more patient records breached by business associates than by covered entities. The punishment goes to the covered entity regardless of who caused the breach.
Covered entities must become more proactive in monitoring their business associates and the BA Tracker service from Compliance Helper provides a solution.
http://www.healthcareinfosecurity.com/hipaa-omnibus-package-waiting-game-a-5302?rf=2012-11-19-eh&elq=dd78d5d89a5f4e5faa38b2af619557db&elqCampaignId=5128