Lexology May 14, 2024
McGuireWoods LLP

Applicable Provider Types: All

Is Your Entity in Compliance?

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 (HIPAA) requires Covered Entities (CEs), Business Associates (BAs) and Business Associate subcontractors to enter into written agreements governing each party’s rights and obligations with respect to the privacy and security of patient Protected Health Information (PHI). Most healthcare providers will qualify as a CE. CEs must obtain “adequate written assurances” from their BAs that the PHI will only be used or disclosed as permitted by law and as instructed by the CE, and BAs must impose these obligations and limitations on their subcontractors. These written assurances typically...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, HIPAA, Provider
Related Articles:
What the HIPAA rulemaking notice means for you
AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes
‘Security! Security!’ HHS Proposes Updates To HIPAA’s Security Rule
HIPAA Security Rule Overhaul: Start Planning Now
Podcast Episode 04: Navigating HIPPA - Current Trends and Future Directions

Share This Article