News & Analysis as of September 17, 2024

Cybersecurity

+ Follow

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc. less -

Ep. 19 - What to Do When Your Business Associate Suffers a Ransomware Attack

Dentons on 6/10/2024

The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more

Ounce of Prevention: Are You Keeping Track of Your Business Associate Agreements’ Requirements?

McGuireWoods LLP on 5/29/2024

Applicable Provider Types: All - Is Your Entity in Compliance? The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009...more

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on 5/22/2024

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

Health Care Compliance Association (HCCA) on 5/13/2024

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on 5/13/2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on 3/13/2024

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Imminent Cybersecurity Threats to Healthcare Revenue Cycle Management

BakerHostetler on 2/26/2024

BakerHostetler is closely monitoring imminent cybersecurity threats to healthcare revenue cycle management personnel and vendors. Most recently, Change Healthcare (CHC), a healthcare technology and business management...more

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on 5/6/2022

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Safeguards in New National Network Include Insurance, App Mandates, Cybersecurity Council

Health Care Compliance Association (HCCA) on 2/14/2022

Report on Patient Privacy 22, no. 2 (February, 2022) - The new national health information network calls for a number of privacy and security safeguards and standards that, in some instances, exceed what HIPAA covered...more

2022 Outlook: More Dangerous Ransomware Coupled With Inadequate Security Practices

Health Care Compliance Association (HCCA) on 1/17/2022

Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more

DOJ Announces New Initiative to Use False Claims Act to Enforce Compliance with Data Privacy and Security Laws and Contract...

Goodwin on 12/7/2021

The Department of Justice recently announced the launch of its new Civil Cyber-Fraud Initiative (the “Initiative”) which intends to use the False Claims Act to pursue “cybersecurity-related fraud by government contractors and...more

FBI: More Awareness, Due Diligence Needed To Fight China in New ‘Space Race’ for Data

Health Care Compliance Association (HCCA) on 10/15/2021

Report on Patient Privacy 21, no. 10 (October, 2021) - Conducting a risk analysis is a basic tenet of security compliance, with the overarching goal of understanding where protected health information (PHI) “lives” in an...more

Cyber Criminals Focusing on Clinics + Business Associates

Robinson+Cole Data Privacy + Security Insider on 10/7/2021

As hospital systems become more hardened to cyber-attacks, cyber criminals are focusing their efforts on smaller providers, such as outpatient clinics, specialty clinics and business associates, according to a report by...more

Nick Culbertson on Compliance Breaches in Healthcare

Health Care Compliance Association (HCCA) on 7/15/2021

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

OCR Investigator: Goal Is to Uncover ‘Root Cause,’ Remedy Harm From Violations

Health Care Compliance Association (HCCA) on 5/7/2021

Report on Patient Privacy 21, no. 5 (May 2021) - Given the hundreds of thousands of HIPAA covered entities (CEs) and business associates (BAs) and the two dozen or so enforcement actions the HHS Office for Civil Rights...more

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

Health Care Compliance Association (HCCA) on 1/26/2021

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

Security Threats Soar From Nation-State Bad Actors as the New Year Gets Underway

Health Care Compliance Association (HCCA) on 1/13/2021

Report on Patient Privacy 18, no. 1 (January 2021) - Security threats to health care entities will continue to escalate in 2021, as bad actors with significant capabilities target pandemic-weary organizations still...more

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on 8/14/2020

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Despite COVID-19 Challenges, No Extension of Form CRS Compliance Date for Investment Advisers

Pillsbury Winthrop Shaw Pittman LLP on 4/16/2020

On April 7, 2020, the staff of the Office of Compliance Inspections and Examinations (OCIE) issued a risk alert (Alert) informing investment advisory firms of the potential areas of focus for Form CRS-related examinations. In...more

[Event] March Privacy Compliance Academy - March 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on 1/16/2020

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

Report on Patient Privacy Volume 19, Number 11. Privacy Briefs: November 2019

Health Care Compliance Association (HCCA) on 11/12/2019

Report on Patient Privacy Volume 19, Number 11. (November 2019) ? The biggest threat to protected health information comes from carelessness within your organization, according to a brief from the Clearwater...more

White Paper on Privacy Issues in Proposed New National Medical Claims Database

Alston & Bird on 10/1/2019

Prof. Peter Swire, Elizabeth and Thomas Holder Chair at the Georgia Tech Scheller College of Business and Senior Counsel at Alston & Bird, has published a new white paper on “Possible Privacy, Cybersecurity, and Data Breach...more

Privacy & Cybersecurity Update - June 2019

Skadden, Arps, Slate, Meagher & Flom LLP on 7/2/2019

In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more

Massive Data Breach Underscores Importance of Business Associate Security

Manatt, Phelps & Phillips, LLP on 6/28/2019

It is no surprise that healthcare data breaches are on the rise. The number of annual health data breaches increased 70% the past seven years, with 75% of the breached, lost or stolen records—132 million—being breached by a...more

HIPAA Updates: New Guidance for Business Associates and Continued Data Breaches

Mintz - Health Care Viewpoints on 6/10/2019

The HHS Office for Civil Rights (OCR) released a new guidance document regarding which HIPAA violations business associates (BAs) can and cannot be held directly liable for. In the guidance, OCR states that BAs can be held...more

57 Results

View per page

Page: of 3

Business Associates › Data Breach › Cybersecurity

"My best business intelligence, in one easy email…"