A Necessary Partnership: HIPAA Compliance and Business Associate Agreements

Published in Member Communities on May 21, 2019

data image

Your organization is likely always thinking of better ways to protect patients’ private information throughout the course of business. In order to do this best, it’s important that you establish a secure partnership with another organization in order to tighten security on patient data. If this seems like a foreign language to you and you don’t know where to start, we are here to help. Here’s everything you should know about this essential partnership.

What is a HIPAA Business Associate Agreement?

Let’s start with a brief definition of a business associate. A business associate is any organization or entity that you do business with where they handle your protected health information (PHI). Because you allow them to handle and accept the information, it creates potential HIPAA violations. The business associates are often subcontractors that are hired to maintain or transmit PHI. They could be a large organization or even a lawyer.

A business associate agreement (BAA) is a binding, legal document that holds both parties liable to any wrongful dissemination of patient data according to HIPAA. The agreement states that the business associate will protect the information or be liable to the information breach. The agreement or document should state the use and explain the cybersecurity precautions that will be taken to protect the data should there be a breach.  They should also agree to not knowingly share the data with anyone. If you want to know where you currently stand on issues of security, let us assess your organization’s risk and compliance.

Does my organization need this?

Before giving anyone outside of your organization access to patient data, it is imperative that you have a contract binding them to liability with a BAA. They will be held to the same standard as you when it comes to HIPAA regulations. Some examples of businesses you work with that should sign a BAA are: medical billing companies, shredders and technology providers.

According to the March 2019 Healthcare Data Breach Report from the HIPAA Journal Newsletter, there was roughly one healthcare data breach per day, which resulted in the private information of 912,992 individuals being exposed. It is in your organization’s best interest to have a BAA, as it creates a level of mutual liability and protection. When your partner knows that they will be held to HIPAA standards, they will be just as vigilant to protecting the data due to the level of accountability expected from them.

It’s important to cover all your bases to protect yourself and your patients with a competent partnership. Get Breach Protection now with VGM Technologies.


comments powered by Disqus

From Our Experts

A Breakdown of the SBA Paycheck Protection Program thumbnail A Breakdown of the SBA Paycheck Protection Program The Paycheck Protection Program (PPP) is the third phase of the government's $2.2 trillion government's relief package, the Coronavirus Aid, Relief, and Economic Security (CARES) Act. It was created to help small businesses cope with the COVID-19 outbreak. Complex Rehab Highlights on CMS Waivers and Rules thumbnail Complex Rehab Highlights on CMS Waivers and Rules CMS released new waivers and rules to increase the flexibility for healthcare providers during the COVID-19 pandemic. Here is a quick overview for CRT. CMS Announces New Waivers and Rules to Help Healthcare Providers thumbnail CMS Announces New Waivers and Rules to Help Healthcare Providers Yesterday, the Trump Admiration released an array of temporary regulatory waiver and new rules to help equip the healthcare community with flexibility during the COVID-19 pandemic. Our VGM Government team will continue to process the information and what it means for our members. Helping You Navigate COVID-19 thumbnail Helping You Navigate COVID-19 As we continue to try to decipher the vast amounts of information we get on a daily basis about the coronavirus and its impact on our healthcare system, economy, education, families, and all other facets of our lives, one fact is ultimately true—we are all in this together! Please continue to reach out to us with questions, feedback, and success stories. U.S. Rehab Continues Helping Members During COVID-19 thumbnail U.S. Rehab Continues Helping Members During COVID-19 Our team here at U.S. Rehab is working hard every day to meet the needs of our membership. We are fielding calls, emails, and reaching out to our valued members and manufacturer partners to see how we can help. If there's a problem that you're experiencing, we want to hear from you, whether it's access to the VA or a rehab facility, concerns about getting paid for your services, telehealth concerns, etc., please reach out and let us know at [email protected] Clarification on What is a “Healthcare Provider” in the FFCRA thumbnail Clarification on What is a “Healthcare Provider” in the FFCRA In phase 2 of the government's COVID-19 relief package, passed nearly 2 weeks ago and known as the Families First Coronavirus Response Act (FFCRA), there was language exempting certain business types from being required to offer expanded medical leave and sick leave to their employees. VGM clarifies these exemptions in the following article. House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk thumbnail House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk On March 27, the Coronavirus Stimulus Package, H.R. 748, passed the House. The bill will now head to President Trump's desk for his signature. Much needed reimbursement relief will be coming to home medical equipment suppliers! The bill includes language from H.R. 2771, which provides relief for areas deemed rural and non-rural by CMS. U.S. Small Business Administration Offers Low-Interest Rate Loans thumbnail U.S. Small Business Administration Offers Low-Interest Rate Loans The U.S. Small Business Administration (SBA) is offering designated states and territories low-interest federal disaster loans for working capital to small businesses suffering substantial economic injury as a result of the coronavirus (COVID-19).