HIPAA Business Associate
HIPAA Business Associates, in general terms, are companies or other organizations who contract with HIPAA “Covered Entities” (Health payers, health providers and clearinghouses) and create, use, transmit or maintain confidential patient information (Protected Health Information or PHI). Beginning in 2013, HIPAA Business Associates are themselves regulated by the HIPAA regulations and are subject to both civil and criminal penalties for violations of the rules.
Eagle works with clients in healthcare and healthcare business associates to ensure HIPAA Security compliance. We provide a set of HIPAA Policy Templates for a variety of business associate types including Cloud Vendors, Third Party Administrators, and Information Technology companies.
The Provider Third Party Risk Management Council, made of a consortium of leading hospitals, introduced a new approach to third-party risk management. How can you better serve them? The solution is simple – any vendor of a certain size who wishes to do business with one the member hospitals must successfully complete – and annually maintain — a certification using the HITRUST CSF. Member hospitals will accept a HITRUST certification as evidence of a robust security program. No questionnaires or further dialog is necessary.Read More