Month: October 2017

Third-Party Vendors – Don’t Let This Happen To You!

Did you know? In 2013, the Final Omnibus Rule updated the HIPAA Security Rule and Breach Notification clauses of the HITECH Act. As a result every Business Associate (BA) that creates, receives, maintains, or transmits electronic Protected Health Information (ePHI) is required to perform a comprehensive enterprise-wide HIPAA Security Risk Analysis (Per: §164.308(a)(1)(ii)(A)). This means …

Third-Party Vendors – Don’t Let This Happen To You! Read More »

Yes, Dorothy a Risk Analysis is Required!

A Business Associate (BA) is someone who performs services that involve the disclosure of Protected Health Information (PHI), such as claims processing, utilization review, billing, quality assurance, or benefit managers. Companies performing other types of services, such as legal, accounting, financial, or administrative services may also be considered BAs if they need to have access …

Yes, Dorothy a Risk Analysis is Required! Read More »

HIPAA Risk Analysis

Did you know? ALL Business Associates (BAs) are required to perform a HIPAA risk analysis to identify their potential Administrative, Physical and Technical security risks to electronic protected health information (ePHI). The Administrative Safeguards provisions require BAs to perform risk analysis as part of their security management processes. The results of the risk analysis will …

HIPAA Risk Analysis Read More »