News & Analysis as of

Business Associates Personally Identifiable Information Data Protection

Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as... more +
Business Associates can refer broadly to individuals engaged in business relationships with one another. However, in the HIPAA context, the term has a specific statutory meaning and those characterized as business associates have expanded data protection obligations and duties. Essentially, a business associate under HIPAA is a person or entity that performs certain functions or services which necessitates exposure to protected health information on behalf of a covered entity. Typical business associate functions include: claims processing or administration, data analysis, billing, etc.    less -
Troutman Pepper Locke

3 Takeaways From Recent Cyberattacks On Healthcare Cos.

Troutman Pepper Locke on

Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more

Foley & Lardner LLP

OCR Clarifies Direct Liability for Business Associates under HIPAA

Foley & Lardner LLP on

On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more

Robinson+Cole Data Privacy + Security Insider

OCR Issues Fact Sheet Listing Circumstances in which Business Associates May Face Direct Liability for HIPAA Violations

Robinson+Cole Data Privacy + Security Insider on

In a development that may – understandably – have been overlooked by many heading into Memorial Day weekend, on May 24, 2019, the Health and Human Service’s (HHS) Office for Civil Rights (OCR) issued a Fact Sheet on Direct...more

Dickinson Wright

Understanding the HIPAA Security Rule and Tailoring Policies to Fit Your Business

Dickinson Wright on

Purpose and Practicality - The HIPAA Security Rule was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered...more

Robinson+Cole Data Privacy + Security Insider

Cottage Health Settles with OCR for $3M

Robinson+Cole Data Privacy + Security Insider on

We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more

Sheppard Mullin Richter & Hampton LLP

Company’s Vendor Suffers Breach, No Business Associate Agreement, $500K OCR Settlement

Sheppard Mullin Richter & Hampton LLP on

A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more

Perkins Coie

Potential HIPAA Pitfalls for Developers of Healthcare Apps

Perkins Coie on

As federal and state governments struggle to address future healthcare regulation, demand for healthcare that is cheaper, better and faster continues to surge. Every day, new healthcare apps are being developed to respond...more

Robinson+Cole Data Privacy + Security Insider

OCR Urges Covered Entities and Business Associates to Use HTTPS

Robinson+Cole Data Privacy + Security Insider on

New guidance from the Office for Civil Rights (OCR) urges covered entities and business associates to use Secure Hypertext Transport Protocol (HTTPS) to protect communications from vulnerabilities. According to OCR, the...more

Stinson LLP

HHS Publishes New Guidance on HIPAA and Cloud Computing

Stinson LLP on

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Mintz - Health Care Viewpoints

Data-Harvesting Zombie Hackers, Blood-Thirsty Auditors, and Other Reasons to be Scared on Halloween

Mintz - Health Care Viewpoints on

This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more

Womble Bond Dickinson

Is Your HIPAA Compliance Program Ready for the FTC?

Womble Bond Dickinson on

Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more

Parker Poe Adams & Bernstein LLP

Office of Civil Rights Delays Phase 2 Audits

Parker Poe Adams & Bernstein LLP on

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

Mintz - Privacy & Cybersecurity Viewpoints

Business Associates Beware

Mintz - Privacy & Cybersecurity Viewpoints on

If you haven’t yet caught up with the new HIPAA Omnibus Rule and its consequences for those businesses who are not themselves healthcare providers, but are service providers to healthcare entities (and even further downstream...more

Morgan Lewis

Final Rules Under HIPAA/HITECH Impact Employer Plans

Morgan Lewis on

Modifications to the rules require action by group health plan sponsors and their vendors, including revisions to policies and procedures and new privacy notices. On January 17, the Office for Civil Rights of the U.S....more

BakerHostetler

Be Prepared: Redline Version of the HIPAA/HITECH Final Rule

BakerHostetler on

The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”)....more

Pullman & Comley, LLC

Why Medical Providers Should Take Caution with Sensitive Information, Especially With Mobile Devices

Pullman & Comley, LLC on

We continue to hear reports of large-scale data breaches that involve the loss or theft of thousands of records containing personally identifiable information of individuals (PII). If such a loss or theft is determined to...more

16 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide