HIPAA and business associates: Free white paper
HIPAA Weekly Advisor, July 13, 2009
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
The lax compliance with the HIPAA Privacy and Security Rules is over for business associates (BA).
For the first time since HIPAA became law in 2003, BAs are directly responsible for compliance with its Privacy and Security Rules, pursuant to the new Health Information Technology for Economic and Clinical Health (HITECH) Act. BAs are organizations that provide some service for or on behalf of a healthcare provider or payer, and that service involves access to PHI.
Until President Obama signed the American Recovery and Reinvestment Act of 2009 (ARRA) into law February 17, only covered entities were required to comply with the Privacy and Security Rules.
However, HITECH, specifically Title XIII of ARRA, requires BA to comply with the Security Rule in its entirety and the disclosure provisions of the Privacy Rule. The compliance date is February 18, 2010.
“I’ve done over 150 business associate security and privacy program reviews, and one of the most common answers I get from business associates is that, ‘Well, HIPAA does not apply to us,’” says Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI. Herold serves as privacy, security, and compliance consultant at Rebecca Herold & Associates, LLC, in Des Moines, IA. “They can’t say that anymore. They can no longer argue that they don’t have to have safeguards in place.”
Editor’s note: This was an excerpt from the HCPro, Inc. white paper, Business Associates and HIPAA: What BAs need to know to comply with HIPAA privacy and security rules.
Download a free copy of the white paper.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- 2010 ICD-9 code updates now available online
- The Joint Commission extends its accreditation to advanced diagnostic imaging
- FDA extends time to replace Steris sterilizing system
- Use PEPPER reports to stay on top of common coding errors
- CMS clarifies physician signatures needed on all lab orders
- Greeley Reflections
- Q&A: EHR audit log retention
- Q/A: Select correct revenue code for packaged drugs
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- See one, do one, teach one: Do you have a peer review training program?
- E-mailed
-
- FDA extends time to replace Steris sterilizing system
- Q&A: Impact of SOI/ROM on DRG assignment
- The Joint Commission extends its accreditation to advanced diagnostic imaging
- CMS clarifies physician signatures needed on all lab orders
- Use PEPPER reports to stay on top of common coding errors
- Q/A: Select correct revenue code for packaged drugs
- Credentialing and privileging monthly: ABP may point maintenance of certification in a new direction
- Meaningful use calls for meaningful risk analysis
- Watch for corridor clutter under top-cited LS.02.01.20
- Cohesive History and Physical Requirements
- Searched
