HIPAA for Business Associates

New Training Now Available = HIPAA for Business Associates

HIPAA requires that a covered entity obtain satisfactory assurances from its business associate that the business associate will appropriately safeguard the protected health information it receives or creates on behalf of the covered entity. In short, the a business associate must comply with the HIPAA standards.

A covered entity must obtain in writing, a business associate agreement between the covered entity and the business associate.

So what is a Business Associate?

Health and Human Services (HHS) defines a business associate as "a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity."

Examples of common Business Associates: 3rd Party Billing, IT Services, Waste Removal, Transcriptionist, Storage Facility, Accountant, Lawyer, etc.

Remember, a workforce member of a covered entity is not a business associate.

What does this mean for Covered Entities?

To ensure the safety of your patients' protected health information, you must verify that your business associate is complying with the HIPAA standards by training their staff in HIPAA Policies and Procedures. You must obtain this assurance by having completing a Business Associate Agreement with all of your Business Associates.

Members of Compliance PhD have access to a Business Associate Agreement template; located in the Forms section of the site.

NEW TRAINING NOW AVAILABLE! Compliance PhD has announced a new Training available to its members. HIPAA for Business Associates is now included with all Compliance PhD Memberships.

What does this mean for Business Associates?

Business Associates who fail to comply with the HIPAA standards may face the same fines and penalties levied against non-compliant covered entities. Business Associates must now share the responsibilities to safeguard protected health information.

If you are a Business Associate and are unsure how to train your staff in HIPAA standards, visit http://www.compliancephd.com/ to learn how.

Practice Information Sheet

Practice Managers are often burdened with questions where the answer could be found with minimal effort by the employee. Yet, simply asking the Manager seems to be "easier." In an effort to assist Practice Managers, Compliance PhD has created a helpful document to alleviate the burden of commonly asked questions.

A Practice Information Sheet contains all of the contact information for services the practice most commonly uses.

"What is the phone number for our Sharps Removal Company?"
"Who do I call for IT Support?"
"I think we need a plumber. Who should I call?"
"We need new gloves. How do I order more?"

A Practice Information Sheet posted in all Workstations can empower the employee with the information necessary to answer these questions on their own.

Compliance PhD members can download this Information Sheet in the "Forms" section of the site; however, Compliance PhD is pleased to offer this Sheet to all visitors to our Blog.

To download this Information Sheet, simply click HERE. If you have additional questions about Compliance, or want to know how to alleviate the burdens on Practice Managers, visit: www.CompliancePhD.com