The vendors you choose to help run your business will determine your business success level. Ultimately, your vendor’s vulnerabilities are your vulnerabilities, which is why HIPAA emphasizes the importance of business associate compliance. Business associate vendors must be compliant with HIPAA standards. So how do you ensure that you are choosing HIPAA compliant vendors? What is a Business Associate? While not all [...]
The Department of Health and Human Services (HHS) maintains a list of health-related data breaches affecting 500 or more individuals. HHS obtains this information from the healthcare organizations and business associates who discovered the breach. The list, referred to as the “Wall of Shame,” was recently graced by Central Files, the business associate of covered entity Elkhart Emergency Physicians. HIPAA regulations require covered entities to [...]
Companies enter into agreements with Google for use of various Google products, including G Suite, G Suite for Education, and G Suite for Government. These agreements govern the terms of use - what users may and may not use these applications for. For its G Suite, G Suite for Education, and G Suite for Government products, Google also provides a separate business associate agreement (BAA). [...]
The HIPAA workforce definition is critical to understanding which entities a covered entity must enter into business associate agreements with. The HIPAA workforce definition is discussed below. The HIPAA Workforce Definition: What is it? The HIPAA workforce definition, if properly understood, will make it easier for covered entities to determine whom they need to enter into business associate agreements with. The “workforce” [...]
In a recent study conducted by the Ponemon Institute, it was determined that 54% of healthcare vendors had experienced at least one data breach affecting protected health information (PHI). However, healthcare providers are continually neglecting their obligation to adequately vet vendors they are working with. It was found that although many healthcare providers somewhat address their vendor vetting obligation by sending risk assessment questionnaires, 41% [...]
Under the HIPAA Privacy Rule, a covered entity may, in some circumstances, be liable for its business associate breach under the business associate agreement. When May a Covered Entity be Liable for a Business Associate Breach of the Business Associate Agreement? A covered entity may be liable for business associate misconduct or violations when: The covered entity knew of a pattern of activity or practice [...]
Cloud service providers (CSP) are businesses that provide network services, business applications, or infrastructure, in the cloud. The services are hosted in a remote data center that can be accessed through a company network connection. Cloud service providers that create, receive, maintain, or transmit electronic protected health information (ePHI) on behalf of a covered entity or business associate, are considered HIPAA business associates. HIPAA cloud service providers must [...]
Google Sheets is a web-based spreadsheet offered by Google within its Google Drive service. It was first released in 2007. The issue of Is Google Sheets HIPAA Compliant is discussed below. How Can Google Sheets Become HIPAA Compliant? If you are asking yourself “Is Google Sheets HIPAA Compliant?” then the issue of how Google Sheets is regulated by HIPAA must be addressed first. HIPAA regulations [...]
The convenience of using cloud storage has caused many businesses to use the technology. In the healthcare industry, the ability to quickly access patient’s protected health information (PHI) from various systems is important. However, when choosing a cloud provider, organizations working in healthcare must ensure that the service is HIPAA compliant. Is OneDrive HIPAA compliant? HIPAA Business Associates Agreements The Health Insurance [...]
With the ever-growing importance of data privacy and security, it's no wonder that many healthcare organizations are asking the question: "Is Google Drive HIPAA compliant?" As one of the world's most popular cloud-based storage solutions, millions of people use Google Drive daily to store and share their personal and professional documents. But when it comes to handling sensitive medical information, can we trust that this platform [...]
