OCR Signals its Concern with Business Associates – BAAs
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has lately been broadcasting its increased attention to, and concern about, HIPAA business associates on a monthly basis.
In March, the OCR announced a $1.55 million settlement with North Memorial Health Care of Minnesota that was partially based on a key finding that the hospital failed to enter into a business associate agreement (BAA) with a major contractor. Then in April, OCR began its Phase 2 HIPAA Audit Program which was expanded to include business associates as well as covered entities, and entered into another BAA-related settlement (as discussed here).
Continuing with the recent theme, in May the OCR published a cyber-awareness update entitled “Is Your Business Associate Prepared for a Security Incident?” in which it essentially answered “no.” Thus, now is the time for covered entities and business associates to ensure that they have signed BAAs in place that adequately address security assessment of the business associate, breach notification and breach response.
Day Pitney, LLC
Phil C. Solomon is the publisher of Revenue Cycle News, a healthcare business information blog and serves as the Vice President of Global Services for MiraMed, a healthcare revenue cycle outsourcing company. As an executive leader, he is responsible for creating and executing sales and marketing strategies which drive new business opportunities and client engagement. Phil has over 25 years experience consulting on a broad range of healthcare initiatives for revenue cycle optimization, where he has developed executable strategies for revenue enhancement, expense reduction, and clinical transformation. Previously, he was the CEO of a Fast-Tech 50 healthcare technology firm, a principal executive at an INC Magazine’s top 500 Fastest Growing Private Companies in the U.S. and he has held various senior leadership positions with national and global business process outsourcing firms. He is an active member of the HFMA Georgia Chapter, has published over 250 articles about revenue cycle optimization and healthcare reform and is a featured speaker at industry educational events. You can reach him email@example.com, 404-849-8065 or on Twitter @philcsolomon.
The post Department of Health and Human Services OCR Scrutinizing BAAs appeared first on REVENUE CYCLE NEWS.