Revenue Cycle Advisor May 31, 2019

The HHS Office for Civil Rights (OCR) issued a new fact sheet last week that clarifies the circumstances under which OCR may hold business associates (BA) directly liable.

In the New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA, OCR explains that the HITECH Act, which was clarified in 2013, identified the provisions of HIPAA that apply directly to BAs. The fact sheet identifies 10 categories of violations for which OCR has the authority to hold BAs directly liable, stating that OCR has authority to take enforcement action against BAs only for those that appear on the following list:

  1. Failure to cooperate with HHS investigations and compliance reviews, including providing HHS with records, compliance reports, and...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Health System / Hospital, HHS, HIPAA, Insurance, Payer, Physician, Primary care, Provider
Related Articles:
HIPAA update protects privacy of reproductive health information
More FTC Privacy Action
White House moves to protect patient abortion records
OCR launches webpage with HIPAA FAQs on Change Healthcare cyberattack
OCR finalizes rule prohibiting certain reproductive health care disclosures

Share This Article