What Business Associates Need to Know about HIPAA
Clearwater Compliance will present a complimentary webinar describing best practices for business leaders, managers and professionals with responsibility for HIPAA privacy, security, compliance or risk management.
The webinar will be Thursday, Dec. 18, at 11 a.m. Central time.
On its website, Clearwater says the HIPAA Omnibus Final Rule (Final Rule), finalized in 2013, made substantial changes to the obligations and liabilities of business associates (BAs) and their subcontractors. These changes implement provisions of the Health Information Technology for Economic and Clinical Health Act (HITECH Act), which sought to make business associates more accountable for the use, disclosure and security of protected health information (PHI). Business Associates, and their subcontractors, now face HIPAA enforcement actions and are directly liable for violating the HIPAA Security Rule, as well as certain provisions of the Privacy and Breach Notification Rules.
The Final Rule extended the definition of “business associate” to include a “subcontractor that creates, receives, maintains, or transmits protected health information on behalf of the business associate.” Although the Final Rule has been in effect for over a year, most BAs, and subcontractors, are not compliant and many don’t know where to start. Clearwater says.
