How to Choose a HIPAA Compliant Vendor

The vendors you choose to help run your business will determine your business success level. Ultimately, your vendor’s vulnerabilities are your vulnerabilities, which is why HIPAA emphasizes the importance of business associate compliance. Business associate vendors must be compliant with HIPAA standards. So how do you ensure that you are choosing HIPAA compliant vendors? What is a Business Associate? While not all [...]

2022-05-06T17:03:34-04:00March 2nd, 2022|

Importance of BAA Compliance Highlighted by Breach

The Department of Health and Human Services (HHS) maintains a list of health-related data breaches affecting 500 or more individuals. HHS obtains this information from the healthcare organizations and business associates who discovered the breach. The list, referred to as the “Wall of Shame,” was recently graced by Central Files, the business associate of covered entity Elkhart Emergency Physicians. HIPAA regulations require covered entities to [...]

2021-01-06T16:17:55-05:00July 16th, 2020|

What is a HIPAA Business Associate Amendment?

Companies enter into agreements with Google for use of various Google products, including G Suite, G Suite for Education, and G Suite for Government. These agreements govern the terms of use - what users may and may not use these applications for. For its G Suite, G Suite for Education, and G Suite for Government products, Google also provides a separate business associate agreement (BAA). [...]

2022-05-06T12:08:18-04:00June 29th, 2020|

HIPAA Workforce Definition

The HIPAA workforce definition is critical to understanding which entities a covered entity must enter into business associate agreements with. The HIPAA workforce definition is discussed below.  The HIPAA Workforce Definition: What is it? The HIPAA workforce definition, if properly understood, will make it easier for covered entities to determine whom they need to enter into business associate agreements with. The “workforce” of a covered [...]

2022-05-06T12:08:18-04:00May 22nd, 2020|

Vendor Vetting Can Save You Millions

In a recent study conducted by the Ponemon Institute, it was determined that 54% of healthcare vendors had experienced at least one data breach affecting protected health information (PHI). However, healthcare providers are continually neglecting their obligation to adequately vet vendors they are working with. It was found that although many healthcare providers somewhat address their vendor vetting obligation by sending risk assessment questionnaires, 41% [...]

2021-08-02T17:00:06-04:00March 12th, 2020|

When is a Covered Entity Liable for a Business Associate Breach?

Under the HIPAA Privacy Rule, a covered entity may, in some circumstances, be liable for its business associate breach under the business associate agreement.  When May a Covered Entity be Liable for a Business Associate Breach of the Business Associate Agreement? A covered entity may be liable for business associate misconduct or violations when: The covered entity knew of a pattern of activity or practice [...]

2021-02-05T12:54:59-05:00January 21st, 2020|

HIPAA Cloud Service Providers

Cloud service providers (CSP) are businesses that provide network services, business applications, or infrastructure, in the cloud. The services are hosted in a remote data center that can be accessed through a company network connection. Cloud service providers that create, receive, maintain, or transmit electronic protected health information (ePHI) on behalf of a covered entity or business associate, are considered HIPAA business associates. HIPAA cloud service providers must comply [...]

2022-05-06T12:08:18-04:00January 8th, 2020|

Is Google Sheets HIPAA Compliant?

Google Sheets is a web-based spreadsheet offered by Google within its Google Drive service. It was first released in 2007. The issue of Is Google Sheets HIPAA Compliant is discussed below. How Can Google Sheets Become HIPAA Compliant? If you are asking yourself “Is Google Sheets HIPAA Compliant?” then the issue of how Google Sheets is regulated by HIPAA must be addressed first. HIPAA regulations [...]

2020-11-19T11:45:57-05:00December 3rd, 2019|

Is OneDrive HIPAA Compliant?

The convenience of using cloud storage has caused many businesses to use the technology. In the healthcare industry, the ability to quickly access patient’s protected health information (PHI) from various systems is important. However, when choosing a cloud provider, organizations working in healthcare must ensure that the service is HIPAA compliant. Is OneDrive HIPAA compliant? HIPAA Business Associates Agreements The Health Insurance Portability [...]

2020-11-17T17:37:16-05:00November 1st, 2019|

Is Google Drive HIPAA Compliant?

The Health Insurance Portability and Accountability Act (HIPAA) set forth industry standards for the privacy and security of protected health information (PHI). PHI is any individually identifying health information such as name, birthdate, treatment history, financial information, etc. As such, healthcare organizations must adopt safeguards to secure PHI in the form of administrative, physical, and technical safeguards. Many organizations have adopted the use of G Suite as it [...]

2022-11-09T14:54:44-05:00September 27th, 2019|