News & Analysis as of September 17, 2024

Data Protection

+ Follow

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc. less -

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

Health Care Compliance Association (HCCA) on 5/13/2024

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on 5/13/2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Business Associate Victim of Ransomware Attack Pays $100,000 to HHS OCR

Brooks Pierce on 12/6/2023

Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on 10/27/2016

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

OCR Releases HIPAA Guidance on Cloud Computing

Robinson+Cole Data Privacy + Security Insider on 10/11/2016

On October 6, 2016, the Department of Health and Human Services Office for Civil Rights (OCR) released HIPAA guidance on cloud computing (Guidance). The Guidance is intended to help covered entities and business associates...more

GAO Study Slams HHS For Lack of Guidance to Covered Entities

Robinson+Cole Data Privacy + Security Insider on 10/10/2016

We watch closely for any guidance to HIPAA covered entities and business associates from the Department of Health and Human Services Office for Civil Rights (HHS/OCR). Why? Because there is so little of it. Lately, the only...more

Best Practices for Safeguarding Protected Health Information in Inclement Weather

Akerman LLP - Health Law Rx on 10/6/2016

As the East Coast prepares for the arrival of Hurricane Matthew, covered entities and business associates should take the opportunity to remind their workforce members to safeguard protected health information (PHI) that is...more

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on 10/12/2015

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

Obermayer Rebmann Maxwell & Hippel LLP on 1/6/2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

Manatt, Phelps & Phillips, LLP on 10/3/2014

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

How To Catch-Up in a Revised HIPAA World

Smith Anderson on 1/6/2014

The HIPAA final omnibus rule (Omnibus Rule) made sweeping changes to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules earlier this year. Although the compliance deadline of September 23, 2013 has come...more

HIPAA, Business Associates, and the Cloud

BakerHostetler on 6/24/2013

Under the Final Rule, as previously discussed, business associates must comply with the technical, administrative, and physical safeguard requirements under the Security Rule....more

Cloud Storage Providers Storing Protected Health Information May Be Obligated to Comply with HIPAA Regulations

Wilson Sonsini Goodrich & Rosati on 4/17/2013

A recently issued government rule may unknowingly create significant liability and legal risk for many technology enterprises. The expanded definition of "business associates" and related interpretations by the Department of...more

The HIPAA/HITECH Final Rule has arrived!

Sands Anderson PC on 4/9/2013

If you are a health care provider and/or someone who routinely performs work involving patient health information on behalf of a health care provider, you likely need to know about the HIPAA/HITECH Final Rule....more

Scripts - April 2013

Poyner Spruill LLP on 4/8/2013

In This Issue: - Key Provisions In the Final Omnibus HIPAA/HITECH Rules and What They Mean for You - NLRB and EEOC May Target Employer Efforts to Keep Employees Quiet During Internal Investigations -...more

Time to Take Advantage of HIPAA Omnibus Rule's "Good News": Fundraising, Research, and Student Immunization Records

Davis Wright Tremaine LLP on 4/3/2013

The Omnibus Rule went into effect on March 26, 2013. While covered entities and business associates have until Sept. 23, 2013, to comply with new restrictions and obligations, they can take advantage of the rule’s benefits...more

HITECH and HIPAA: The Final Rule

Baker Donelson on 3/14/2013

The final rule implementing new obligations under HITECH and changing obligations under HIPAA is finally out. Covered entities and business associates need to come into compliance with these requirements by September 23,...more

New HIPAA Regulations Require Action by Group Health Plans

McDermott Will & Emery on 3/8/2013

Final HIPAA privacy and security regulations issued by the U.S. Department of Health and Human services will require action by group health plan sponsors by September 2013....more

A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA...

Womble Bond Dickinson on 2/6/2013

Changes to the HIPAA Enforcement Rule - Background: On October 30, 2009, HHS issued an interim final rule revising the Enforcement Rule to incorporate provisions of the HITECH Act. The NPRM then proposed a number of...more

HEALTH REFORM: Four Key Areas of the New HIPAA Privacy Regulations

Epstein Becker & Green on 2/1/2013

On January 25, 2013, the Health Insurance Portability and Accountability Act ("HIPAA") regulations (the "Omnibus Rule") implementing the statutory amendments under the Health Information Technology for Economic and Clinical...more

20 Results

View per page

Page: of 1

Business Associates › Healthcare › Data Protection

"My best business intelligence, in one easy email…"