News & Analysis as of

Business Associates Compliance Protected Health Information

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
BakerHostetler

6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference

BakerHostetler on

On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more

Winstead PC

HIPAA Gets a Potential Counterpart in HISAA

Winstead PC on

Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more

Health Care Compliance Association (HCCA)

BAAs: If and when third parties receiving PHI for research qualify as BAs under HIPAA

A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

BCLP

Action Items as a Result of HIPAA Privacy Rule Modifications

BCLP on

On April 22, 2024, the U.S. Department of Health and Human Services (“HHS”) issued new regulations under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that impose new restrictions on the use and...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - November 18th - 21st, Boston, MA

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Bricker Graydon LLP

Actions Needed to Get Your Health Plan in Compliance With the New HIPAA Rules

Bricker Graydon LLP on

On April 26, 2024, the U.S. Department of Health and Human Services (HHS) published the Reproductive Health Care Rule. This final rule enhances the HIPAA privacy protections for protected health information (PHI) relating to...more

Bricker Graydon LLP

The Rise of AI in Healthcare: Balancing Innovation and Compliance

Bricker Graydon LLP on

The popularity of Artificial Intelligence (AI), particularly OpenAI's ChatGPT, has rapidly increased since its release in November 2022. In healthcare, Generative AI (GAI) tools like ChatGPT can revolutionize workflows by...more

Fenwick & West LLP

Entities Big and Small Must Soon Comply with Washington's My Health My Data Act

Fenwick & West LLP on

The deadline is fast approaching for Washington “small businesses” to comply with the state's My Health My Data Act (MHMDA). The MHMDA, signed by Gov. Jay Inslee on April 27, 2023, provides stronger privacy protections...more

Holland & Knight LLP

What HIPAA Security Rule Surprises Await Healthcare Providers for the Second Half of 2024?

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more

Benesch

Annual Report to Congress on HIPAA Privacy, Security, and Breach Notification Rule Compliance

Benesch on

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...more

Smith Anderson

Introduction to HIPAA Compliance Considerations for Health Care Providers

Smith Anderson on

Data privacy and security are a rapidly expanding area of regulatory activity and patient attention. For most health care providers, central data privacy and security legal obligations flow from the federal Health Insurance...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

BakerHostetler

The Long-Awaited Part 2 Modifications Are Finalized with New Obligations for Part 2 Providers and Less Friction for Sharing...

BakerHostetler on

On February 8, 2024, the U.S. Department of Health & Human Services (HHS) released a final rule modifying 42 CFR Part 2 (Part 2) provisions regarding the confidentiality of Substance Use Disorder (SUD) Patient Records. The...more

BakerHostetler

HHS OCR Announces Largest Civil Monetary Penalty Imposed Since 2021 for Snooping Incident

BakerHostetler on

Nearly two months after settlement was reached, the Department of Health and Human Services Office for Civil Rights (HHS OCR) announced on Feb. 6 that it obtained a resolution agreement with Montefiore Medical Center over...more

Dorsey & Whitney LLP

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

Dorsey & Whitney LLP on

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more

Bricker Graydon LLP

Are you regulated under HIPAA? Ensure your website or app’s user tracking is HIPAA compliant

Bricker Graydon LLP on

On December 1, 2022, the Centers for Medicare and Medicaid Services’ Office of Civil Rights (OCR) issued new guidance to covered entities and business associates regarding website and application user data tracking and how...more

Hogan Lovells

Not so fast: HHS OCR warns that HIPAA applies to online tracking technologies

Hogan Lovells on

Covered Entities and Business Associates must comply with HIPAA in their use of online tracking technologies, including cookies, pixels or similar code. The U.S. Department of Health and Human Services (HHS), Office for Civil...more

Health Care Compliance Association (HCCA)

[Virtual Event] Healthcare Enforcement Compliance Conference - November 7th - 9th, 8:55 am - 3:30 pm CST

Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us virtually at HCCA’s Annual Healthcare Enforcement Compliance...more

Miles & Stockbridge P.C.

Understanding HIPAA Compliance Can Help Protect Health Care Providers Too

It’s no secret that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) exists to protect the privacy of patients and their sensitive health information. However, understanding the importance of HIPAA...more

Winthrop & Weinstine, P.A.

Business Associate Agreements: Do You Have Them, And Are They Compliant?—Roots Of Wisdom

Navigating the day-to-day duties related to your practice includes many different responsibilities. From providing patient care, to making sure your office has the appropriate equipment, to managing your team, you have a lot...more

Health Care Compliance Association (HCCA)

Nick Culbertson on Compliance Breaches in Healthcare

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Health Care Compliance Association (HCCA)

After a Breach Is Too Late: Ensure BA, Subcontractor Compliance Now

Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

Health Care Compliance Association (HCCA)

Settlement Involves 'Dark Overlord' Hack, Tip by Breach-Tracking Journalist

Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more

53 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide