What is a HIPAA Business Associate?
Simply stated, a HIPAA Business Associate is an organization or individual that performs services for a covered entity (healthcare organization) that has access to protected health information (PHI). PHI is also known as patient information.
What is the new rule for Business Associates?
From the Executive Summary of the HIPAA Omnibus rule:
Make business associates of covered entities directly liable for compliance with certain of the HIPAA Privacy and Security Rules’ requirements.
Business Associates are required to do the following:
- Implement policies and procedures that address the HIPAA Security Rule administrative, physical and technical safeguards
- Ensure that all employees receive HIPAA security training on how to protect PHI
- Perform a detailed HIPAA Risk Assessment to determine how an organization is safeguarding PHI.
HIPAA Secure Now! Business Associate Program
We have taken our customer acclaimed HIPAA Secure Now! service and expanded it to Business Associates. We have been helping Business Associates achieve HIPAA compliance since we first started our service. However, with all of the interest that we have been receiving since the HIPAA Omnibus regulations have been released, we decided to formalize the Business Associate Program into a distinct service offering.
What is the HIPAA Secure Now! Business Associate Program?
The Business Associate Program is the same detailed service that we have developed for Covered Entities (Medical Practices and Hospitals) but customized for the needs of Business Associates.
- The service provides customized Business Associate policies and procedures that address the HIPAA Security Rule administrative, physical and technical safeguards
- HIPAA security training that is specific to the needs of Business Associates
- A detailed HIPAA Risk Assessment to determine how an organization is safeguarding protected health information (PHI).
Is your organization a Business Associate?
Take our 4 question quiz