HIPAA Impacts to Business Associates
Am I A Business Associate?
Are you performing functions for or on behalf of the Health Care Industry? Depending on the services you provide, you could be responsible for complying with the Health Information Portability and Accountability Act of 1996, the amendments made by the American Recovery and Reinvestment Act of 2009, and the modifications to Privacy and Security made January 25, 2013 with the Omnibus Rule.
If servicing the health care industry is important to the financial success of your business, call Caris. We can help you be a better Business Associate! (920) 639-6615.
Do you access, create, store, modify, transmit or receive protected health information on behalf of your clients? Chances are, if you are accessing or using protected health information to perform these functions, you are a business associate to your clients.
Do you support others who may be a business associate? If so, you would be a subcontractor also responsible for complying with the rules.
Caris can help you determine the compliance responsibilities for your organization. 920-639-6615
Do you have an updated Business Associate Agreement in place with your Covered Entity clients? Written satisfactory assurances are required under the rule between a Covered Entity and Business Associate or Business Associate and their subcontractors.
Caris can help you to identify the agreements that are necessary, update the language and manage the revisions with your covered entities or your subcontractors.
The Final Omnibus rule solidified the changes and amendments of the ARRA requiring all Business Associates to comply with Security as well as many components of Privacy. Civil and criminal penalties can still be applied to the Business Associate and written satisfactory assurances or the Business Associate Agreements were required between the Covered Entity and Business Associate and the Business Associate and their subcontractors to ensure compliance downstream.
Caris can assist you with building and implementing an appropriate compliance plan to manage your risks, integrate the necessary changes and modifications into your daily practices and provide you with compliance expertise as your Privacy Official. (920) 639-6615
The American Recovery and Reinvestment Act (ARRA) of 2009 requires Business Associates to comply with Security rules for Administrative, Physical, Technical Safeguards and Organizational requirements under that rule. In addition, Business Associates would now be accountable for the Civil Monetary Penalties that could be applied for non-compliance.
Caris can assist you with the appropriate Security Risk Analysis to determine your risks, threats or vulnerabilities for the activities you are performing as well as risk of Penalties for non-compliance. (920) 639-6615