HIPAA Business Associate Compliance and Dangers

Topics

• Explanation of how HIPAA (Health Insurance Portability and Accountability Act)Rules apply to BAs
• Serious Business Associate HIPAA Violations - A brief review of current OCR BA Enforcement and Class Action lawsuits based on BA HIPAA violations
• Business Associate Agreements and the Key Agency Issue – Don’t make your BA or Subcontractor BA your legal agent by mistake as many do
• Security, Privacy, and Breach Notification Rules
• CE Due Diligence for BAs and BA Due Diligence for Subcontractor BAs

Who should Attend

HIPAA Covered Entities (CEs) and Business Associates (BAs) including:

• Practice Management Companies
• Billing and Coding companies
• Data Storage firms (electronic and paper)
• IT Vendors
• Vendors of patient satisfaction surveys
• Secure and unsecured providers of PHI email and text message services
• Law and Accounting Firms
• PHI record retrieval and release of information vendors
• CE Owner – CEO – COO Compliance Manager
• Health Plan Third-Party Administrators
• Healthcare Practice Manager
• Board of Directors – for-profit and non-profit CEs
• BA Owner – CEO – COO
• Administrator, Long-Term Care Facility
• Compliance, Information Security, and Risk Management Directors
• Security and Privacy Officers
• Attorney – General Counsel, Associate General Counsel, Inside Compliance Attorney, Outside Health Law Attorney
• Business Manager