During its investigation, the OCR found that the hospitalist group had never entered into a business associate
agreement for billing services with First Choice, as required by HIPAA, and that the practice also failed to adopt any policies regarding business associate
agreements until 2014, according to a Dec.
Lessons learned: The case illustrates the importance of having a business associate
agreement in place for all third parties that may have access to protected health information, Clinton Mikel, a Farmington Hills, Mich., health law attorney specializing in HIPAA compliance, said in an interview.
or business associate
, what type of health information can be deemed
He also said he met with Ajudua and his business associate
, Joseph Ochunor (now at large), in Ajudua 's office, and that Ochunor gave details of an account where the money would be paid into.
Summary: New Delhi [India], Feb 9 (ANI): In a bid to streamline and enable secure pay-outs and disbursements to its network of partners, distributors and individuals in the country, Rubique, in partnership with MatchMove India, announced the launch of its Prepaid Card - a new-age cashless solution which will facilitate payouts, working capital support, rewards and recognition benefits to its business associate
Lacking an encryption key does not exempt a CSP from business associate
status and obligations under the HIPAA Rules.
A cloud service provider is a HIPAA business associate
if the services that it performs for the covered entity involve the creation, receipt, maintenance, or transmission of ePHI.
If, for example, a health insurance agent who is a HIPAA business associate
uses a data storage company to store customer health data, the agent needs to get the data storage company to sign a business associate
Department of Health and Human Services' Office for Civil Rights (OCR) struck a $1.55 million settlement with North Memorial Health Care of Minnesota, which neglected to enter into a so-called HIPAA business associate
agreement with a contractor that had access to North Memorial's patient database.
Judging from these resolution agreements in these two cases, "the OCR considers business associate
agreements and security risk analyses as 'low-hanging fruit' for covered entities' HIPAA compliance," Lynn Sessions and Suchismita Pahi of BakerHostetler wrote in a blog post.
Every covered entity and business associate
is eligible for an audit, the OCR noted.