HIPAA Business Associates - Expanded Rules And Requirements For Healthcare-Related Businesses

Event Information
Product Format
Prerecorded Event
60 Minutes
Product Description

Comprehend the New HIPAA Compliance Obligations for Business Associates

New updates to the HIPAA regulations now being enforced contain numerous changes , for the most part, on The HITECH Act passed in 2009.  Some of the most significant changes have to do with how Business Associates of HIPAA covered entities are treated under the regulations.  HIPAA Business Associates are now covered directly under the Privacy Rule’s use and disclosure limitations, the Security Rule’s safeguard provisions, and the Breach Notification Rule’s notification requirements, will be responsible for their own compliance with the regulations, and may be held directly liable for any violations of the regulations.

The latest regulations also change such things as to who is a Business Associate: the definition now casts a much wider net of healthcare business activities, including any business that creates, receives, maintains, or transmits any Protected Health Information on behalf of a HIPAA Covered Entity or Business Associate, and even sub-contractors of Business Associates are also treated as business associates, greatly expanding the pool of entities under regulation to some that may not even be aware they have become HIPAA Business Associates.

Because the new regulations have expanded the obligations of HIPAA Business Associates, it is now more important than ever to carefully consider whether a BA designation is appropriate or not – Business Associate Agreements are not to be entered into lightly.  The new requirements have a direct impact on what needs to be put into the business associate agreements you establish. Plus, other changes put into effect new rights of individuals to receive electronic copies of information held electronically, ask for certain restrictions on disclosures, and other capabilities that Business Associates may need to provide for their covered entity clients. The business associates of covered entities now have to review their HIPAA compliance, policies, and procedures to see if they are ready to meet the changes in the rules. Recently, the Business Associates have emerged as a top source of health information breaches.

Join Jim Sheldon-Dean in this informative session to get insights on what covered entities should do to guarantee good practices by their Business Associates so as to avoid the considerable expense of breaches. He will shed light on the new regulations and their effects on usual practices for Business Associates and their associations with covered entities.

In this 60 minute audio session, Jim will:

  • Discuss the kinds of entities that now qualify as Business Associates and why it is significant to carefully consider the designation before using it
  • Provide an overview of what all a Business Associate needs to do under the new regulations
  • Provide a policy framework for information security and show what policies need to be changed and how
  • Describe the required and recommended elements of a Business Associate Agreement, including identifying the template language provided by the US Department of Health and Human Services and its role in the process
  • Discuss the role of State Attorneys General in enforcing HIPAA and how it relates to Business Associates
  • Talk about the new enforcement penalty structure and the latest plans for audits by HHS OCR and will provide a plan for being prepared for audits

Session Highlights:

  • Business Associates have new requirements to comply with HIPAA privacy protections and security safeguards, and are subject to enforcement and penalties directly by HHS
  • Health Information Exchanges, Regional Health Information Exchanges, and e-Prescribing gateways are now considered to be Business Associates, and Sub-contractors of Business Associates are also considered to be Business Associates under the new rules
  • The new regulations change the way individuals have access to their records, how much they can find out about who has accessed their records, and allow new rights to restrict certain disclosures, and Business Associates who supply EHR services will need to provide those capabilities
  • Business Associate Agreements are now more important than ever, because breaches by Business Associates are becoming more common and carry tremendous expenses for the affected covered entities
  • New limitations on marketing and fund-raising may change how entities can reach out to individuals, and may change business associate relationships
  • New audit and penalty requirements increase the need to make sure covered entities and Business Associates are in compliance before HHS OCR knocks on the door
  • The new penalty structure and the new audit program mean that you are more likely to be audited for HIPAA compliance, and you may be facing significantly higher penalties for non-compliance than ever before
  • HHS is not the only enforcer of the new rules, State Attorneys General can also initiate HIPAA enforcement actions against covered entities and business associates under the law, regardless of the regulations

The speaker will answer your questions after the session to help you with the doubts and queries you may have

Who should attend Compliance Manager, HIPAA Officer, Chief Information Officer, Health Information Manager, Medical Office Manager, Medical Practice Lawyer, CFO, CEO, COO. Privacy Officer, Information Security Officer

Order Below or Call 1-866-458-2965 Today

You can also order through:




About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...   More Info
More Events By The Speaker

Why AudioEducator?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.
Join Our Mailing List
Our Accreditation Partners
Facebook Twitter Linkedin Youtube RSS Feeds Google Plus