Understand how to implement a proper business associate agreement (BAA) and the obligations and responsibilities under HIPAA.
Nearly a decade ago, the Department of Health and Human Services (HHS) issued a final rule to implement some of the statutory amendments to the Health Insurance Portability and Accountability Act of 1996 and its accompanying regulations (collectively, HIPAA). This final rule known as the ‘omnibus final rule’ took effect in March of 2013, and among other things clarified the direct liability that business associates have under HIPAA. There still is some confusion over who are and who are not considered to be business associates under HIPAA.
Business associates are a wide and broad group of vendors, service providers and others who perform services by and on behalf of entities covered by HIPAA directly (‘covered entities’ in HIPAA refers to health care providers, health plans and health care clearinghouses) and in so doing must use or disclose patients’ nonpublic individually identifiable health information. When the omnibus rule took effect, HHS estimated that as many as half a million separate entities were business associates and would be affected by the omnibus rule - before giving consideration to any other or further vendors or service providers doing work for those business associates. Come prepared to explore what has happened in the nearly ten years since the omnibus final rule took effect.
Learning Objectives
- You will be able to review key provisions to ensure they are up to date when reviewing and updating business associate agreements.
- You will be able to discuss how to inventory all of the businesses or entities to verify who all business associates are.
- You will be able to describe what you should require your business associates to do to remain compliant with HIPAA.
- You will be able to identify what a business associate’s responsibility under HIPAA is for assuring those subcontractors are HIPAA compliant.
Agenda
- If We Are Planning to Review and Update Our Business Associate Agreements, What Are Some Key Provisions We Should Assure Are up to Date?
- How Can, or Should We, Inventory All the Businesses or Entities to Verify We Have a Complete Perspective on Who All of Our Business Associates Are?
- What Enforcement Have We Seen Under HIPAA Related to Acts and Omissions of Business Associates?
- What Are Some Recommendations for Audits That Covered Entities Should Do of Their Business Associates or That Covered Entities Should Require Their Business Associates to Do to Remain Compliant With HIPAA
- What About Subcontractors for Business Associates - What Is a Business Associate’s Responsibility Under HIPAA for Assuring Those Subcontractors Are HIPAA Compliant?
Speakers
Leslie Bender, CIPP/US, CCCO, CCCA, IFCCE,
BCA Financial Services- Chief strategy officer and general counsel for BCA Financial Services, Inc., a Miami, Florida headquartered revenue cycle management company
- An articulate corporate executive with more than 30 years of experience handling compliance, regulatory, transactional and legal matters for hospitals and financial services companies
- Recognized as a national expert on HIPAA and other information privacy and security laws, she was one of the first privacy officers internationally accredited as a Certified Information Privacy Professional
- In addition to being an attorney and government/regulatory relations specialist, she is an experienced mediator
- Frequent motivational speaker and compliance educator and has been honored for her contributions to the consumer financial and health care industries by several credit, collections, health care and banking associations as well as the U.S. Small Business Administration
- J.D. degree, University of Notre Dame; undergraduate degree, Northwestern University
Who Should Attend
This live webinar is designed for medical records directors, health information directors, business managers, office managers, nurses, hospital administrators, compliance directors, release of records professionals, and attorneys
