HIPAA Business Associate
HIPAA Business Associates, in general terms, are companies or other organizations who contract with HIPAA “Covered Entities” (Health payers, health providers and clearinghouses) and create, use, transmit or maintain confidential patient information (Protected Health Information or PHI). Beginning in 2013, HIPAA Business Associates are themselves regulated by the HIPAA regulations and are subject to both civil and criminal penalties for violations of the rules.
Eagle works with clients in healthcare and healthcare business associates to ensure HIPAA Security compliance. We provide a set of HIPAA Policy Templates for a variety of business associate types including Cloud Vendors, Third Party Administrators, and Information Technology companies.
The Provider Third Party Risk Management Council, made of a consortium of leading hospitals, introduced a new approach to third-party risk management. How can you better serve them? The solution is simple – any vendor of a certain size who wishes to do business with one the member hospitals must successfully complete – and annually maintain — a certification using the HITRUST CSF. Member hospitals will accept a HITRUST certification as evidence of a robust security program. No questionnaires or further dialog is necessary.Read More
HIPAA Business Associates have experienced HIPAA breach fines in the millions of dollars. Eagle Consulting offers HIPAA Policy Templates specifically tailored to different types of Business Associates, including cloud computing vendors, IT managed services companies, and third-party administrators.Read More
How do you ensure cloud storage HIPAA compliance? There are a number of file storage services in the cloud and if you are designated a business associate for a healthcare payer or provider you need to form the right policies and agreements.Read More
Healthcare organizations are increasingly using cloud computing vendors for electronic records, billing and revenue cycle management, file sharing, backup, and a wide variety of other functions — and HHS Office for Civil Rights (OCR) has released important new guidance for these companies.Read More