Welcome HIPAA Business Associates!

Here’s what you need to know about HIPAA and being a Business Associate...

What is HIPAA?

HIPAA (an abbreviation) is the primary medical privacy law in the United States today.

What is a HIPAA “Business Associate”?

According to HIPAA law, any company or person that is exposed to, handles, or works with the data in medical records is a “Business Associate” of the medical entities they work for. HIPAA includes hard-copy medical and medical billing records, as well as electronic versions of these records.

What are HIPAA Business Associates required to do?

By February 18, 2010, among other things, all Business Associates must do the following…

  • Comply with HIPAA’s Security Rule – Implement specific policies & procedures; and implement physical, administrative, and technical safeguards to protect medical data.
  • Follow HIPAA’s Privacy Rule – Protect medical data from misuse; and follow the terms of new or existing Business Associate contracts.
  • Train All Employees on HIPAA and the Business Associate Requirements – Employees must be trained to provide the strongest protections to medical data.
  • Provide “Breach Notifications” if Medical Data is Compromised or Lost – Business Associates must promptly notify their medical entity partners – and in some cases, patients – if medical data in the Business Associates possession is compromised or lost.
  • Other Requirements Also Apply – This is not a comprehensive list. These items are only a portion of what Business Associates must do to comply by the February 18th deadline.

What if We Ignore HIPAA or Are Not Prepared for the Deadline?

HIPAA law was revised in 2009 to apply directly to Business Associates, and the penalties for violations are severe. Penalties for Business Associates for violations of HIPAA can be as high as $1.5 Million per year, and can include prison time for the most serious criminal offenses.

How Can We Learn What to Do and Be Compliant by the February Deadline?

First, educate yourself and your workforce. The HIPAA Group has been training medical entities and Business Associates across the nation for over seven years. We know HIPAA better than anyone. Our experts have testified in court about HIPAA, and thousands of medical entities and Business Associates trust The HIPAA Group to help them navigate HIPAA safely. You should too.

Please click the “Training”  and “Policies” buttons above to learn more or purchase your HIPAA training and Policies.