Business Associates Are a High Priority – What to Do?

For Covered Entities: if you are a Covered Entity receiving protected health information directly from patients, you should know the basics about HIPAA compliance within your office. And if you’re using The HIPAA E-Tool® you have the best protection available. But are you aware of how important your Business Associates are to your compliance plan? It is critical that you know which of your business relationships are BA’s (some may not be). Once identified, do you have a good BA agreement in place, AND have you done your due diligence regarding their activities?

Examples of typical BA’s for healthcare providers of every size are billing and collection firms, accountants, lawyers, and electronic health records (EHR) providers. But there are likely others, depending on your practice. Basically, any person or entity with whom you do business who “creates, receives, maintains or transmits” protected health information. Excerpt from The HIPAA E-Tool® below:

Why should you care? The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services has recently begun audits of Business Associates – if one of yours is audited and found to be non-compliant, you are liable. You can protect yourself though, by first identifying who your BA’s are, then implementing the right BA agreement, and finally by conducting the due diligence required of you to ensure they’re following the law.

For Business Associates: if you’ve gotten this far, you probably know who you are! The HIPAA E-Tool® is written with you in mind also. Everything you need is there: policies, procedures, forms, a Risk Analysis tool, the Breach Notification rule – and more.

Share This Post

Share on facebook
Share on twitter
Share on linkedin

Maggie Hales

Maggie Hales is a lawyer specializing in health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2019 The ET&C Group LLC.
The HIPAA E-Tool® is a registered trademark of The ET&C Group LLC
Terms of Service | Privacy Policy