HIPAA Business Associates – 2013 New Requirements and Responsibilities for Compliance
Why Should You Attend:
HIPAA Business Associates are now covered directly under the Privacy Rule’s use and disclosure limitations and the Security Rule’s safeguard provisions, and will be responsible for their own compliance with the regulations and may be held directly liable for any violations of the regulations. The latest regulations also change such things as who is a Business Associate: now sub-contractors of Business Associates are also treated as business associates, greatly expanding the pool of entities under regulation to some that may not even be aware they have become HIPAA Business Associates. Health Information Exchanges, Regional Health Information Exchanges, and e-Prescribing gateways are also now considered to be Business Associates.
In addition, the new requirements have a direct impact on what needs to be put into the business associate agreements you establish. The HIPAA HITECH changes put into effect new rights of individuals to receive electronic copies of information held electronically, ask for certain restrictions on disclosures, and other capabilities that Business Associates may need to provide for their covered entity clients. All kinds of covered entities, and now, business associates of covered entities as well, need to review their HIPAA compliance, policies, and procedures to see of they are prepared to meet the changes in the rules.
This 90-minute webinar will help health information professionals understand what they have to do, and when, and what to keep in mind about business associates as they move forward, in order to be prepared for compliance with the new regulations. It will provide a comprehensive look at the changes in the law and prepare attendees for the process of incorporating the changes into how they do business in their facilities.
Areas Covered in the Webinar:
- The session will begin with the definition of a HIPAA Business Associate including what is and is not a Business Associate and what other kinds of relationships can exist besides a HIPAA Business Associate relationship.
- The role of business associates will be explored and how they are treated under HIPAA will be explained.
- The new regulations will be reviewed and their effects on usual practices for Business Associates and their relationships with covered entities and subcontractors will be discussed.
- What a Business Associate needs to do differently under the new regulations will be explained; we will provide a policy framework for information security, show what policies need to be changed and how, and describe the required and recommended elements of a Business Associate Agreement.
- The importance of Business Associate Agreements will be discussed; the costs of breaches by Business Associates will be considered.
- The new enforcement penalty structure and the latest plans for audits by HHS OCR will be described and a plan for being prepared for audits will be discussed.
- The new four-tier violation schedule will be explained, with increased fines, and mandatory fines for willful neglect of compliance that start at $10,000.
