News & Analysis as of

Business Associates Policies and Procedures Health Insurance Portability and Accountability Act (HIPAA)

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - November 18th - 21st, Boston, MA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Verrill

HHS Issues Model Attestation Required by Final HIPAA Regulations Supporting Reproductive Health Care Privacy

Verrill on

On April 26, 2024, the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) published Final Regulations under HIPAA’s Privacy Rule introducing greater protections for information related to...more

Fisher Phillips

Insider Threats to Healthcare Data: What You Need to Know and 5 Steps You Can Take Now

Fisher Phillips on

Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Mintz - Health Care Viewpoints

OCR Cybersecurity Newsletter Emphasizes Significance of HIPAA Sanction Policies

Mintz - Health Care Viewpoints on

The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more

Baker Donelson

Office For Civil Rights Seeks Input on Implementation of HITECH Amendments

Baker Donelson on

On April 6, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking public comment on "recognized security practices" and on sharing civil...more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

McGuireWoods LLP

Small Businesses Are Not Safe from Big HIPAA Liability

McGuireWoods LLP on

In the first published enforcement action of 2020, a gastroenterology practice in Ogden, Utah, has agreed to pay a $100,000 settlement to the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) for...more

Health Care Compliance Association (HCCA)

[Event] March Privacy Compliance Academy - March 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on

Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more

Dickinson Wright

Understanding the HIPAA Security Rule and Tailoring Policies to Fit Your Business

Dickinson Wright on

Purpose and Practicality - The HIPAA Security Rule was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered...more

Robinson+Cole Data Privacy + Security Insider

Cottage Health Settles with OCR for $3M

Robinson+Cole Data Privacy + Security Insider on

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more

Mintz - Health Care Viewpoints

HIPAA Penalties For Failure to Cut Off Access To Former Employee

Mintz - Health Care Viewpoints on

It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical...more

Mintz - Health Care Viewpoints

Another HIPAA Settlement for Failure to Enter Into a BAA

Mintz - Health Care Viewpoints on

Last week, the Office for Civil Rights (OCR) announced that it had reached a settlement with a contract physician group based in Florida to resolve potential HIPAA violations relating to the sharing of protected health...more

Tucker Arensberg, P.C.

Phase II of HIPAA Audits Underway

Tucker Arensberg, P.C. on

The HHS Office for Civil Rights (“OCR”) recently published an announcement describing the next phase of HIPAA audits of covered entities and business associates. As part of this second phase of the audit program, OCR will be...more

Womble Bond Dickinson

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

17 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide