Header graphic for print
Workplace Privacy, Data Management & Security Report

Tag Archives: business associate

HIPAA Reminders – Business Associate Agreement Deadline and Continuation of OCR Audits

I recently had the pleasure of speaking to a great group at the Connecticut Assisted Living Association (CALA) about HIPAA and a range of related practical issues. Many covered entities and business associates, particularly those that are small businesses, continue to work on understanding the privacy and security standards, and how to best apply them in their… Continue Reading

HHS to Conduct Survey About Which HIPAA Covered Entities and Business Associates Should Be Audited

The Department of Health and Human Services announced on February 24 that it is seeking information about conducting a pre-audit survey. That is, it plans to conduct a “survey of up to 1200 [HIPAA] covered entities (health plans, health care clearinghouses, and certain health care providers) and business associates (entities that provider certain services to… Continue Reading

Final HIPAA Regulations: “Business Associates” Include Subcontractors, Data Storage Companies (Cloud Providers?)

Under the HITECH Act, business associates are subject to the HIPAA privacy and security rules (the "HIPAA Rules") virtually to the same extent as covered entities. In addition to implementing this change for business associates ("BAs"), and providing additional guidance concerning what entities are business associates, the final HIPAA regulations issued last week also treat certain subcontractors of BAs as BAs directly subject to the… Continue Reading

New Challenges for HIPAA Business Associates Under ARRA and HITECH

Have you noticed that negotiating that business associate agreement has gotten a lot more difficult? Many companies that serve health care providers and health plans, generally known as business associates, have noticed. These companies include software vendors, benefits brokers, cloud computing providers, data storage/destruction companies, and accountants, among others. The clients of these companies are… Continue Reading

Is Shredding Enough?

Continuing our thoughts on how disclosures of private or confidential information may adversely impact the institution and the persons affected by such disclosure, we now focus on something near and dear to lawyers’ hearts: paper shredding. Many businesses regularly shred documents they no longer need to protect them from disclosure. While this may secure the information contained… Continue Reading