Lexology June 20, 2024
Vorys Sater Seymour and Pease LLP

There appears to be significant confusion regarding the application of the Health Insurance Portability and Accountability Act (HIPAA) to financial institutions when serving health care provider and health plan clients. If a bank or other financial institution performs functions beyond the routine payment processing activities excepted by HIPAA, it may be a HIPAA business associate, which carries important compliance obligations as a matter of law. Because we are receiving more questions from financial institution clients on this issue, we are updating our prior client alert (found here) and providing a reminder that financial institutions may be subject to serious penalties due to inadvertent HIPAA non-compliance.

Generally, HIPAA only applies to “covered entities” (e.g., health care providers, health plans, and health...

Topics: Govt Agencies, HIPAA, Provider