Friday, September 19, 2014

Reminder: Update Your “Grandfathered” HIPAA
Business Associate Agreements Now!

In January 2013, the Department of Health and Human Services published its Final Rule, which significantly increased the privacy and security responsibilities for the “business associates” of “covered entities,” as those terms are defined by HIPAA. A provision within the Final Rule mandated that all covered entities and their business associates revise their business associate agreements to reflect the new responsibilities. Specifically, a business associate must now, among other things:

Wednesday, September 3, 2014

Health Care Industry Familiar with
HIPAA Breaches, Not So Much Hackers

Community Health Systems, which operates 206 hospitals in 29 states, recently notified 4.5 million of its patients that online hackers had stolen personal data information from its systems between April and June 2014. The data included names, addresses, birthdates, telephone numbers and Social Security numbers—all of which are protected under HIPAA. According to Community, the data did not include financial or medical information.