• Invite Us to Your Next Bid
  • Log In
  • Contact Sales
  • 1.800.790.1205
  • SUPPORT
  • Home
  • Background Checks
  • Solutions
    • Screening Services
      • Criminal Background Checks
      • Identity Check Solutions
      • Sanctions and Compliance
      • Motor Vehicle Record Services
      • Verification Services
      • Drug & Health Screening
      • I-9 & E-Verify
      • Candidate Experience & E-Application
      • Extended Workforce Screening
      • Global Screening
      • Additional Services
    • Industries
      • Education
      • Energy & Utilities
      • Government
      • Financial Services
      • Health Care
      • Non-Profit & Volunteer
      • Staffing
      • Retail
      • Sharing Economy
      • Transportation
    • Platforms By Name
      • GlobalHiRe
      • GHRR Group Connect
      • SwiftHire
      • GHRR On-Boarding Solutions
      • GHRR Transportation Solution
      • Vendor Screening Solution
  • Why GHRR
  • Resources
    • Background Screening
      • FCRA Compliance
      • Employment Law
      • Form Downloads
    • News & Events
      • Events & Webinars
      • GHRR Blog
      • GHRR Newsletter
      • Case Studies and Testimonials
      • Press Releases
  • Blog
  • About Us
    • About GHRR
      • Overview
      • Leadership Team
      • Fact Sheet
    • Careers
      • Overview
      • Current Opportunities
    • Contact GHRR
      • Contact Sales
      • Request A Demo
      • Applicant / Consumer
    • News & Events
      • Events & Webinars
      • GHRR Blog
      • GHRR Newsletter
      • Case Studies and Testimonials
      • Press Releases
Menu
  • Home
  • Background Checks
  • Solutions
    • Screening Services

      • Criminal Background Checks
      • Identity Check Solutions
      • Sanctions and Compliance
      • Motor Vehicle Record Services
      • Verification Services
      • Drug & Health Screening
      • I-9 & E-Verify
      • Candidate Experience & E-Application
      • Extended Workforce Screening
      • Global Screening
      • Additional Services

      Industries

      • Education
      • Energy & Utilities
      • Government
      • Financial Services
      • Health Care
      • Non-Profit & Volunteer
      • Staffing
      • Retail
      • Sharing Economy
      • Transportation

      Platforms by Name

      • GlobalHiRe
      • GHRR Group Connect
      • GlobalHiRe Mobile
      • GHRR On-Boarding Solutions
      • GHRR Transportation Solution
      • Vendor Screening Solution
      Partners
      contact sales request demo
    • Close
  • Why GHRR
  • Resources
    • Global HR Research provides FCRA compliance information and online templates of all letters and forms necessary to maintain compliance with FCRA employment background screening requirements.

      We will help you reach all of your short and long-term business objectives. As your partner, we will grow and change by your side, while helping to take your business to that next level you are striving for.

      Background Screening

      • FCRA Compliance
      • Employment Law

      News & Events

      • Webinars
      • GHRR Blog
      • Resources
      • Press Releases
      contact sales request demo
    • Close
  • Blog
  • About Us
    • We understand that there are a lot of choices when it comes to background screening, and for that reason, we continually strive to add smart technology and advanced solutions to our product portfolio combined with an industry leading client support team.

      Companies choose GHRR because we are a different kind of company. Simply put, we save you time, we save you money and we help you make the right investment in your most prized asset, your employees.

      About GHRR

      • Overview
      • Leadership Team
      • Fact Sheet

      Contact GHRR

      • Contact Sales
      • Request A Demo
      • Applicant / Consumer

      Careers

      • Overview
      • Current Opportunities

      News & Events

      • Webinars
      • GHRR Blog
      • Resources
      • Press Releases
      contact sales request demo
    • Close

Blog


Home/Legal Updates/A guide to HIPAA compliance for “Business Associates”

Mar 02

2016

A guide to HIPAA compliance for “Business Associates”

A guide to HIPAA compliance for “Business Associates”

In 1996 the federal government introduced a law known as the Health Insurance Portability and Accountability Act (HIPAA). The mandates were implemented to improve the process of sharing patient records between health care organizations, as well as to protect the overall privacy of confidential patient information. Since 2009 especially, the department of Health and Human Services, which oversees enforcement of the law, has shifted its attention to ensuring that the privacy rule of HIPAA is widely enforced, Medical Economics explained. The focus has moved to patient information privacy protection because of advances in technology: In the digital age patient health information is primarily stored on computers in the form of electronic health records, rendering them more vulnerable to breaches or cyber attacks.

Effectively complying with HIPAA can be complicated, but it typically involves ensuring that sensitive patient data is fully protected by taking a number of measures, such as implementing software and developing a set of privacy rules for employees. In recent years the Office of Civil Rights, which is a branch of HHS, has introduced a number of trial HIPAA audits for health care companies to ensure that their organizations meet the law’s standards. And in 2016 the number of nationwide audits are set to increase, Healthcare IT News stated.

“In 2016 the number of nationwide audits are set to increase.”

What is “Business Associate” status?
It isn’t just health care organizations that should be concerned about HIPAA compliance, however. A number of companies across an array of industries could be liable to comply with HIPAA under a designation known as “Business Associate” status. The BA status, according to HHS.gov, is a company that does business with a health care organization and uses protected patient health information, or has technology that could access that information. Examples of companies that typically fall under BA status are law firms, data management companies, accounting groups and consultation organizations. Groups that do general business with health care companies, such as catering services or janitorial services are not regarded as business associates, because they do not have permitted access to patient health records. Furthermore, a business involved exclusively with the movement of protected health information, such mailing organizations, are considered to be a “conduit” but not a “BA.”

HIPAA business associates are typically defined as such in any new contract signed with a health care provider they are set to work with, HHS.gov elaborated. It’s absolutely imperative, therefore, that an organization’s human resources department is aware of their company’s BA status, as the provisions may be hidden in the small print of a contract. If a company is indeed regarded as a BA for HIPAA purposes then it’s important they ensure that their company is in compliance with the act’s rules, especially ahead of the OCR audit program set to begin later this year. Just like a health care company, a BA is liable for hefty financial penalties from the OCR if non-compliance is uncovered during an audit, Healthcare IT News noted.

BA companies should work hard to ensure that they comply with HIPAA mandates.BA companies should work hard to ensure that they comply with HIPAA mandates.

Tips for audit preparation
There are a number of steps that a human resources department at a BA can take to prepare for a potential HIPAA audit. Below is a quick guide to the most effective steps:

  • Consulting with the legal department is the first step to ensuring that a company actually qualifies as a BA. Once this has been determined, legal professionals can help with the process of deciphering HIPAA’s many complex stipulations.
  • Developing a clear company-wide policy for HIPAA compliance is vital. BAs that have yet to do this should begin the process immediately.
  • Once a compliance framework has been put in place, educational seminars for all staff are encouraged to bring them up to speed on what’s expected.
  • A security check of a company’s entire information technology infrastructure is necessary: Systems should be up to date, HIPAA approved and problem-free. As Fierce Health IT argued, the worst time to uncover any security problems is just before an audit.
  • Organization is also encouraged, Fierce Health IT detailed. The OCR will look more kindly upon a company that has everything in order.
  • Holding a drill audit for all staff is also an astute move, according to Healthcare IT News.

Falling behind
The above information is important for all business associates, especially given the fact that BAs are generally less aware of HIPAA than health care companies. In fact, according to the HIPAA Journal, during 2013 alone, due to a lack of HIPAA awareness, BAs were responsible for 40 percent of all recorded patient health information security breaches. Another recent study from Legal Workspace produced similar findings: The investigation discovered that just 13 percent of surveyed BA law firms had the right kind of security measures and technology in place to stay on the right side of HIPAA. The results from both studies demonstrate that more education is needed for health care organization BAs on HIPAA’s myriad mandates.

  • SHARE

Stay Connnected

Categories

  • Assessments
  • Background Screening
  • Blog
  • Drug Testing / Occupational Health
  • Drug Testing/ Occupational Health
  • Events & Conferences
  • Global Cares
  • Industry News
  • Legal Updates
  • News & Awards
  • Onboarding
  • Press Releases
  • Talent Assessment
  • Talent Screening
  • Uncategorized
  • Webinars & Events
Contact GHRR
  • 9530 Marketplace Road Suite 301
    Fort Myers, FL 33912

  • 1.800.790.1205

  • contactus@ghrr.com

Global HR Research
  • Background Checks
  • Solutions
  • Why GHRR
  • Resources
  • Blog
  • About Us
  • Employment Opportunities
  • Contact Us
  • Privacy Policy
  • Join A Meeting
  • PSC Locator
Stay Connnected
Sign Up for Email Updates?

Receive the latest in news and industry updates.

 

©2020 Global HR Research All rights reserved. | Accessibility Statement