HIPAA Business Associates: New Application of HIPAA Rules and Requirements
New HIPAA Rules May Mean New Relationships -- And New Contracts -- For You And Your Business Associates. Are You Ready?
As per new HIPAA rules, Business Associates are now covered directly under the Privacy Rule’s use and disclosure limitations and the Security Rule’s safeguard provisions, and will be responsible for their own compliance with the regulations and may be held directly liable for any violations of the regulations. The new requirements have a direct impact on what needs to be put into the business associate agreements you establish. In addition, other changes put into effect new rights of individuals to receive electronic copies of information held electronically, ask for certain restrictions on disclosures, and other capabilities that Business Associates may need to provide for their covered entity clients.
All kinds of covered entities, and now, business associates of covered entities as well, need to review their HIPAA compliance, policies, and procedures to see if they are prepared to meet the changes in the rules. In addition, we'll discuss what covered entities should do to ensure good practices by their Business Associates in order to avoid the considerable expense of breaches.
Register for this 60-minute audio conference where our expert Jim Sheldon-Dean, will review new regulations with their effects on usual practices for Business Associates and their relationships with covered entities. Jim will describe the kinds of entities that now qualify as Business Associates. He will explain what a Business Associate needs to do differently under the new regulations, provide a policy framework for information security, show what policies need to be changed and how, and describe the required and recommended elements of a Business Associate Agreement. The new enforcement penalty structure and the latest plans for audits by HHS OCR will be described and a plan for being prepared for audits will be discussed.
Here's What You'll Learn:
- Business Associates have new requirements to comply with HIPAA privacy protections and security safeguards and are subject to enforcement and penalties directly by HHS.
- Sub-contractors of Business Associates are also considered to be Business Associates under the new rules.
- Health Information Exchanges, Regional Health Information Exchanges, and e-Prescribing gateways are now considered to be Business Associates
- The new regulations change the way individuals have access to their records, how much they can find out about who has accessed their records, and allow new rights to restrict certain disclosures, and Business Associates who supply EHR services will need to provide those capabilities.
- Business Associate Agreements are now more important than ever, because breaches by Business Associates are common and carry tremendous expenses for the affected covered entities.
- New limitations on marketing and fund-raising may change how entities can reach out to individuals, and may change business associate relationships.
- New audit and penalty requirements increase the need to make sure covered entities and Business Associates are in compliance before HHS OCR knocks on the door.
- The new penalty structure and the new audit program mean that you are more likely to be audited for HIPAA compliance, and you may be facing significantly higher penalties for non-compliance than ever before.
Ask a question at the Q&A session following the live event and get advice unique to your situation, directly from our expert speaker.
Who should attend? Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer
Order Below or Call 1-866-458-2965 Today
- Elin Baklid-Kunz, MBA, CHC, CPC, CCS
- Jim Sheldon-Dean,
- Kim Garner-Huey, MJ, CPC, CCS-P, PCS
- Thomas Force,
- Duane Abbey, Ph.D.
- Jim Sheldon-Dean,
About Our Speaker
Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a variety of health care providers, businesses, universities, small and large hospitals, urban and rural mental health and social service agencies, health insurance plans, and health care business associates.
Sheldon-Dean serves on the HIMSS Information Systems Security... More Info
More Events By The Speaker
- Save money on travel.
- Meet your specific training needs.
- Keep learning after the event.
- Save time training your whole staff.