In simple summary, a Business Associate Agreement (BAA) is a legal contract that exists between a Covered Entity and a Business Associate who comes into contact with Protected Health Information (PHI). Sometimes called a Business Associate Contract, it is critical and required to maintain HIPAA compliance. With the main bulk of PHI being stored electronically,...
The pandemic pivot that seemed as if it would be temporary a few years ago, those behaviors that redirected how we work and live, is now a seemingly permanent modification. Remote work, telehealth, and the increasing use of products that are part of the IoT, or the internet of things, have provided us with increased...
The HIPAA Breach Notification Rule requires HIPAA-covered entities and their business associates to “provide notification following a breach of unsecured protected health information.” The details provide an outline for how healthcare providers, hospitals, and physicians must notify the affected individuals, the Secretary of the U.S. Department of Health...
Recently the Department of Health and Human Services (HHS) along with the Office for Civil Rights (OCR) issued an announcement regarding extreme risk protection order (ERPO) laws and the disclosure of protected health information (PHI). This published model was created as a way to provide each state with a framework to consider as they implement...
As we wrap up another calendar year, getting ready for holiday break means wrapping up more than presents. Take a moment to go over a few items that you should review to make sure they are done for 2021 or ready to go in the new year. Security Risk Assessment A Security Risk Assessment, or...
HIPAA Right to Access Initiative is Alive & Well
In 2019 we witnessed the Office for Civil Rights (OCR) make it public that they were going to up their efforts when it came to enforcing the rights of an individual to access their health records. This is known as the HIPAA Right of Access initiative. ...
No, there isn’t such a rating system, but it might be something to consider. There are many different communication platforms that healthcare providers can use to communicate with each other, such as email, instant messenger systems, and even through social media sites. While these platforms can be very useful for communicating quickly and easily, they...
Working in healthcare means that you are certainly aware of HIPAA’s existence, but it doesn’t necessarily mean you are the resident expert on what constitutes compliance. You know what you can or can’t do – generally speaking. Most likely, you follow the rules as they are explained to you, and don’t deviate much from that....
The HIPAA Security Rule requires healthcare providers and their business associates to implement physical, technical, and administrative safeguards to protect the electronic Protected Health Information (PHI) that they utilize. It establishes national standards to protect that information. These standards apply not just to covered entities, but any organization that handles PHI – including subcontractors and business associates. Administrative safeguards (also called...
Cloud Hosting & HIPAA Compliance
When you think of trends in healthcare, what comes to mind? Maybe it’s a particular EMR system, new machines in the office, ways in which you communicate with patients… the list goes on. One thing is for sure when we think about all the ways that healthcare has changed over...