We have received a lot of questions from our clients regarding the changes to HIPAA from the HIPAA Omnibus Rule. The most common question to date has been around Business Associate Agreements (BAAs). The questions come from covered entities as well as business associates. The question is basically the same for a different perspective. We...
The Federal government is not being shy or covert about the increase in HIPAA enforcement that is about to occur. Covered Entities (Physician Practices and Hospitals) as well as Business Associates (Contractors and Subcontractors of Covered Entities) should have no doubt that compliance with HIPAA is no longer an optional activity. There is no way...
As we mentioned here and here, the HIPAA Omnibus Rule has a significant impact on HIPAA Business Associates. There is some debate over exactly who is a Business Associate regarding Cloud Providers. One thing that seems clear is, if you are storing protected health information (PHI) unencrypted at a Cloud Provider, the Cloud Provider most...
In a previous blog we discussed the new HIPAA Omnibus regulations as they related to Business Associates (BA). Let’s take a look at the HIPAA Omnibus regulations for Business Associates as they relate to Covered Entities (CE). Business Associates Agreements CEs have been required to have Business Associate Agreements (BAAs) with BAs for quite a...
There is lots of buzz about the changes to Business Associates under the new HIPAA Omnibus Rule. Let’s take a look at some of the items that both Covered Entities (CE) and Business Associates (BA) should know about the new HIPAA changes. Who are Business Associates? The definition of Business Associates for the most part...
Leon Rodriguez, director of the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) recently conducted an interview with HealthcareInfoSecurity. Click on the link to listen to the full interview. Rodriguez gave some valuable insight into OCR’s plans for 2013 and beyond as well as guidance that organizations should follow to protect...
Dom Nicastro over at HCPro gives insight into the status of the OCR audit program for 2013. Top OCR officials have made it clear the audit program will continue next year, says Mac McMillan, FHIMSS, CISM, cofounder and CEO of CynergisTek, Inc., in Austin, Texas. There will be more audits going forward; HITECH requires them,...
In the Ponemon 2011 Cost of Data Breach Study, 41% of breaches were due to third party mistakes. Take a step back and think about the impact of that number. The use of third party organizations are more and more common. According to the HHS.gov website, some examples of third party / business associates include:...
© 2025 · HIPAA Secure Now!
Recent Comments