News & Analysis as of

Business Associates Health Care Providers

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Maynard Nexsen

Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon...

Maynard Nexsen on

This week on the podcast, Lynnsey and Lauren are joined by their colleague, Maynard Nexsen healthcare attorney Shannon Lipham, who helps healthcare providers and practices navigate complex federal and state regulations....more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Health Care Compliance Association (HCCA) on

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Bradley Arant Boult Cummings LLP

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

Bradley Arant Boult Cummings LLP on

In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more

Fisher Phillips

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures

Fisher Phillips on

The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more

McCarter & English, LLP

Proposed HIPAA Security Rule Amendments: Not Too Soon to Take Stock

McCarter & English, LLP on

On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more

Morgan Lewis

HHS Proposes Major 2025 Update to HIPAA Security Rule

Morgan Lewis on

For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to...more

Holland & Knight LLP

Big Changes Proposed for the HIPAA Security Rule

Holland & Knight LLP on

The U.S. Department of Health and Human Services (HHS) has issued an unpublished Notice of Proposed Rulemaking (NPRM) that strengthens the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and, if...more

Holland & Knight LLP

HIPAA Tidings: A Look at OCR's Recent Enforcement Actions

Holland & Knight LLP on

In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

BakerHostetler

DSIR Deeper Dive: Tracking the Crackdown on Tracking/Pixel Technologies: Web Litigation and Regulatory Landscape - Part 2

BakerHostetler on

In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more

Health Care Compliance Association (HCCA)

Recognized Security Practices ‘Saved’ Covered Entity $60K of $300K Fine, But Which Ones Remain a Mystery

Health Care Compliance Association (HCCA) on

Covered entities (CEs) and business associates (BAs) may receive a “discount” for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more

Winstead PC

HIPAA Gets a Potential Counterpart in HISAA

Winstead PC on

Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more

Health Care Compliance Association (HCCA)

BAAs: If and when third parties receiving PHI for research qualify as BAs under HIPAA

Health Care Compliance Association (HCCA) on

A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more

Dentons

Ep. 37 – Updating HIPAA Policies to Address HHS’ New Reproductive Health Care Rule

Dentons on

Effective December 23, 2024, HIPAA-covered entities and their business associates will be required to comply with new restrictions on how protected health information may be used and disclosed for certain purposes relating to...more

Health Care Compliance Association (HCCA)

HHS Abandons Appeal in Public Website Pixel Case, But CEs and BAs Should Expect Continued Scrutiny

Health Care Compliance Association (HCCA) on

The HHS Office for Civil Rights (OCR) has abandoned its appeal of a federal judge’s ruling overturning OCR’s guidance prohibiting covered entities (CEs) and business associates (BAs) from using the web-tracking technologies...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - December 9th - 12th, San Diego, CA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - November 18th - 21st, Boston, MA

Health Care Compliance Association (HCCA) on

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Holland & Knight LLP

Business Associate Agreements Matter: Demystifying the Perceived Simplicity of HIPAA Agreements

Holland & Knight LLP on

For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and...more

BCLP

Federal Court Rejects Motion to Dismiss Wiretap Claims Using HIPAA to Support Crime-Tort Exception Allegations

BCLP on

It has now become commonplace for Plaintiffs’ attorneys to bring claims alleging that routine marketing techniques, including the deployment of behavioral advertising cookies and pixels, constitute wiretaps in violation of...more

Verrill

HHS Issues Model Attestation Required by Final HIPAA Regulations Supporting Reproductive Health Care Privacy

Verrill on

On April 26, 2024, the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) published Final Regulations under HIPAA’s Privacy Rule introducing greater protections for information related to...more

Holland & Knight LLP

Five Red Flags in De-identification and Data Monetization for Healthcare Companies

Holland & Knight LLP on

Healthcare providers running on thin margins or just seeking new (and in the case of tax-exempt providers, permissible) revenue sources may jump at the chance when third party vendors offer to help them monetize their patient...more

Bricker Graydon LLP

The Rise of AI in Healthcare: Balancing Innovation and Compliance

Bricker Graydon LLP on

The popularity of Artificial Intelligence (AI), particularly OpenAI's ChatGPT, has rapidly increased since its release in November 2022. In healthcare, Generative AI (GAI) tools like ChatGPT can revolutionize workflows by...more

Goodwin

Federal Judge Vacates Health and Human Services Pixel Tracking Guidance

Goodwin on

On June 20, 2024, a Texas federal judge ruled that guidance published by the Department of Health and Human Services (the Department) prohibiting covered entities from disclosing information collected by third-party...more

BakerHostetler

Northern District of Texas Flashes the ‘Blue Lights’ on OCR’s Pixel Guidance

BakerHostetler on

On June 20, 2024, the Northern District of Texas issued its final order in American Hospital Association, et al. v. Becerra, et al. (AHA), granting the plaintiffs’ (the American Hospital Association, two Texas health systems...more

Venable LLP

Federal Court Strikes Blow to HHS Guidance on “Online Tracking Technologies”

Venable LLP on

Last week, a federal district court in Texas issued a decision declaring unlawful and vacating a central component of a guidance document (the Bulletin) from the Department of Health and Human Services (HHS) Office for Civil...more

301 Results
 / 
View per page
Page: of 13
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide