Are Your Vendors Violating HIPAA?

This is an important article for both CEs and BAs. It makes it very clear that BAs need to get compliant, stay compliant, and prove compliance and that CEs have an obligation to monitor their BAs. The challenge is how to manage this process in a cost effective and efficient manner. We developed BA Tracker for this express purpose. We take the list of BAs given to us by the CE and load it in our portal. Which gives them immediate access ot update information such as the date of their business associate agreement. The next step is using BA Tracker to send an email from the CE requesting/requiring the BA to take an on-line survey of what PHI they access, how they access it, how they process it, and most importantly how they protect it. BA Tracker scores their survey and assigns them to the appropriate risk category. With the CEs permission Compliance Helper contacts those in the higher risk categories and offers them cost effective and efficient methods of remediating these risks and proving their compliance. The advantage for the BA using CH is that they will be able to offer proof of HIPAA compliance to their other CEs through our Compliance Meter(tm).

Here is the link: http://www.beckershospitalreview.com/healthcare-information-technology/are-your-vendors-violating-hipaa-why-internal-hipaa-compliance-may-not-be-enough.html