HIPAA has been around since 1996, but it hasn’t been a priority for many Business Associates until the HIPAA Omnibus Rule of 2013. With more and more organizations using third party providers that create, receive, maintain, or transmit protected health information (PHI) on their behalf, the number of organizations acting as Business Associates, and therefore fall under the scope of HIPAA, continues to increase daily.
A PHI breach, and subsequent findings linking HIPAA noncompliance as a contributing factor for the breach, can be devastating to a Business Associate. The monetary penalties for HIPAA noncompliance are not negligible, but it is the decline in organizational reputation that is even more damaging. Business Associates are opening themselves up to a large amount of risk by not making HIPAA compliance a priority and fully understanding it’s applicability to their organization.
Doug Kanney, Schellman's HIPAA Practice Leader, will cover key HIPAA topics from the view of a Business Associate that include:
- Background, terminology, and evolution of HIPAA
- What the HIPAA Privacy Rule, HIPAA Security Rule, and HITECH Breach notification rule contain
- Common issues Business Associates have with HIPAA compliance
- Risk Analysis / Risk Management considerations
- HIPAA noncompliance ramifications
- Compliance initiatives to show HIPAA compliance to customers