News & Analysis as of

Business Associates Medical Records Data Protection

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Health Care Compliance Association (HCCA) on

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Health Care Compliance Association (HCCA)

After a Breach Is Too Late: Ensure BA, Subcontractor Compliance Now

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 21, no. 3 (March 2021) - Sometime during the fall, a worker for a subcontractor of Humana Inc. decided to share actual member information from medical records via a Google document with people he...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

Holland & Hart - Health Law Blog

Modified HIPAA Rules for Sending Records to Third Parties

Holland & Hart - Health Law Blog on

Thanks to a federal judge, the Office for Civil Rights has modified its rules for sending records to third parties. Covered entities are no longer required by HIPAA to send non-electronic protected health information (“PHI”)...more

BakerHostetler

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

BakerHostetler on

In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #191 – Trying to Protect Your Medical Information—Let’s Ask Questions About Data Security

Robinson+Cole Data Privacy + Security Insider on

In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper...more

Fox Rothschild LLP

Bankrupt Medical Records Company Hit With $100,000 Penalty For HIPAA Violations

Fox Rothschild LLP on

Filefax, Inc., a defunct Illinois medical records storage and management company, has been fined $100,000 for improperly handling medical data under an agreement with the court-appointed receiver managing the company’s assets...more

Perkins Coie

Potential HIPAA Pitfalls for Developers of Healthcare Apps

Perkins Coie on

As federal and state governments struggle to address future healthcare regulation, demand for healthcare that is cheaper, better and faster continues to surge. Every day, new healthcare apps are being developed to respond...more

Akerman LLP - Health Law Rx

Best Practices for Safeguarding Protected Health Information in Inclement Weather

Akerman LLP - Health Law Rx on

As the East Coast prepares for the arrival of Hurricane Matthew, covered entities and business associates should take the opportunity to remind their workforce members to safeguard protected health information (PHI) that is...more

Manatt, Phelps & Phillips, LLP

Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates

Manatt, Phelps & Phillips, LLP on

The delivery of health care – and payment for that care – is a complex endeavor, and health care providers and health plans rely on third parties to help them operate as businesses and fulfill their responsibilities to...more

K&L Gates LLP

HIPAA’s New Rules: Expanding Scope, Clarifying Uncertainties, & Reinforcing Fundamentals

K&L Gates LLP on

On January 25, 2013, the Secretary for the United States Department of Health and Human Services, Office for Civil Rights (the “Department”) officially published the long-awaited final regulations (the “Final Rule”)...more

Akerman LLP

HIPAA Omnibus Final Rule Imposes New Obligations on Business Associates

Akerman LLP on

On January 25, 2013, the Department of Health and Human Services/Office for Civil Rights (HHS/OCR) published in the Federal Register (78 Fed. Reg. 5566) the long-awaited final rule titled Modifications to the HIPAA Privacy,...more

Mintz - Privacy & Cybersecurity Viewpoints

Business Associates Beware

Mintz - Privacy & Cybersecurity Viewpoints on

If you haven’t yet caught up with the new HIPAA Omnibus Rule and its consequences for those businesses who are not themselves healthcare providers, but are service providers to healthcare entities (and even further downstream...more

Katten Muchin Rosenman LLP

Final HIPAA Rule Has Sweeping Impact on Covered Entities and Business Associates

Katten Muchin Rosenman LLP on

On January 25, 2013, the Department of Health and Human Services (HHS) published the highly anticipated Health Insurance Portability and Accountability Act (HIPAA) Omnibus Final Rule (the “Final Rule”). The Final Rule...more

Manatt, Phelps & Phillips, LLP

HIPAA Omnibus Rule Reshapes Landscape for Health Care Privacy, Security Compliance

Manatt, Phelps & Phillips, LLP on

Originally published in Health IT Law & Industry Report, on January 23, 2013. On Jan. 17, 2013, the Office for Civil Rights of the U.S. Department of Health and Human Services (‘‘HHS’’) issued a long-awaited omnibus rule...more

BakerHostetler

Be Prepared: Redline Version of the HIPAA/HITECH Final Rule

BakerHostetler on

The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”)....more

16 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide