How HIPAA Affects the Role of Business Associates

In order to provide the best possible care for patients, healthcare providers often need business partners to provide support services. When do these service providers become business associates as defined by HIPAA, and what are their duties and responsibilities in the role of business associate? How HIPAA Affects the Role of Business Associates – The Basics The purpose of HIPAA’s rules and [...]

2022-05-06T17:03:28-04:00April 15th, 2022|

A Developer’s Guide to Creating HIPAA Compliant Software

You’ve coded up this amazing piece of software that is perfect for the healthcare market. The fact that the industry’s footprint is more than $3.8 billion in the United States alone has got you seeing dollar signs. The only problem is that your potential customers will only consider HIPAA compliant software, and you aren’t sure where or how to get started in making your product [...]

2022-05-06T17:03:38-04:00February 2nd, 2022|

Why You Need Dental IT Support

Dental office administrative staff are often overburdened with a multitude of tasks, especially as of late with staffing shortages across the country. These staff members are often required to wear many hats and are therefore more likely to fall victim to burnout. With their focus divided across several tasks, it is difficult to fully address the security needs of the modern dental practice. This is where dental IT [...]

2022-07-25T09:44:43-04:00September 1st, 2021|

Cyberattack on Legal Billing Firm Impacts 36,000 UPMC Members

In February of 2021, University of Pittsburgh Medical Center (UPMC) announced that the protected health information of over 36,000 patients may have been accessed by hackers. UPMC contracted with Charles J. Hilton & Associates, P.C. (CJH), a law firm concentrating in healthcare reimbursement and accounts receivable law, to collect on “slow-paying, underpaid, and wrongfully denied insurance accounts receivables.” UPMC routinely sent PHI to CJH so CJH could provide [...]

2022-06-24T06:04:47-04:00February 9th, 2021|

Business Associate Breach Affects 829,454 Patients

Luxottica, a business associate that owns popular eye care clinic chains including Target Optical, EyeMed, and LensCrafters, fell victim to a breach that affected 829,454 patients. More details on the business associate breach are discussed below. Business Associate Breach: What Happened? On August 5, Luxottica’s appointment scheduling app had been hacked, although they did not discover the hack until a few days later. Upon discovering the hack, Luxottica [...]

2022-02-16T10:44:33-05:00November 18th, 2020|

What is a HIPAA Compliance Checklist for Law Firms?

Law firms, depending on the nature of the services they provide to covered entities, may fall under the definition of “business associates.” Law firms that qualify as business associates (BAs) must be HIPAA compliant. Tips for developing a HIPAA compliance checklist for law firms are discussed below. What is a HIPAA Compliance Checklist for Law Firms: When is a Law Firm a BA? Business associates perform functions or [...]

2022-05-06T12:08:17-04:00October 23rd, 2020|

OCR Issues Guidance for Mobile Health App Developers

The Department of Health and Human Services’ (HHS) Office for Civil Rights recently issued guidance on when HIPAA applies to health information that a patient creates, manages, or organizes through the use of a health app. The guidance also covers the issue of when mobile health app developers might need to comply with the HIPAA Rules. When are Mobile Health App Developers [...]

2021-12-17T16:28:27-05:00September 14th, 2020|

What is a HIPAA Business Associate Amendment?

Companies enter into agreements with Google for use of various Google products, including G Suite, G Suite for Education, and G Suite for Government. These agreements govern the terms of use - what users may and may not use these applications for. For its G Suite, G Suite for Education, and G Suite for Government products, Google also provides a separate business associate agreement (BAA). [...]

2022-05-06T12:08:18-04:00June 29th, 2020|

What is a HIPAA Service?

A HIPAA service is a service performed by one entity, that enables another entity to meet its HIPAA compliance obligations. Under HIPAA, healthcare providers frequently contract with vendors who perform services involving protected health information. The services include billing, collections, medical transcription, e-prescribing, and many others. If a vendor is performing such a HIPAA service, the vendor is considered to be a business associate, and must comply with HIPAA [...]

2022-05-06T12:08:18-04:00June 15th, 2020|

MSP Healthcare Vertical and HIPAA Compliance

The healthcare vertical has become more lucrative as of late, as the fastest growing sector of the U.S. economy and the most vulnerable to cyberattacks. Healthcare organizations need managed service providers (MSPs) to implement the advanced security tools that are necessary to secure protected health information (PHI). The following discusses the MSP healthcare vertical and HIPAA compliance. MSP Healthcare Vertical Healthcare organizations work with sensitive information on a [...]

2022-05-13T10:16:19-04:00May 26th, 2020|