SELF-HELP GUIDE TO HIPAA FOR SMALL EMPLOYERS

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "SELF-HELP GUIDE TO HIPAA FOR SMALL EMPLOYERS"

Transcription

1 SELF-HELP GUIDE TO HIPAA FOR SMALL EMPLOYERS Introduction By Serena G. Simons and Peter N. Cizik HIPAA * is probably one of the most misunderstood sets of regulations facing employers today. The good news is that there is a huge amount of information available to help you comply with HIPAA. The bad news is that a fair amount of what is out there is wrong. And don t look to the federal government for help. It is still trying to sort these regulations out for the health industry and has few resources left to devote to issues related to employer group health plans. This article will attempt to tilt the balance back in your favor by providing some practical steps you can take to control your obligations under these new regulations and to minimize your compliance costs. This Doesn t Really Apply To Me, Does It? And Other Common HIPAA Misunderstandings Before discussing the steps you can take to control your obligations and minimize your compliance costs under the HIPAA regulations, we d like to discuss some common misunderstandings about HIPAA. Many employers have been told and erroneously believe -- that they are not affected by HIPAA. The results might not only be embarrassing, but also illegal and expensive. Below is a list of these misunderstandings and the real answer for each one. Misunderstanding No. 1: Small employers don t have to worry about HIPAA Wrong! There is no small employer exception. Every employer that offers a group health plan to its employees will be affected by HIPAA and will have to determine its compliance obligations, even though an insurance company does all the work administering those benefits. If you pay less than $5 million a year in premiums (or benefits if you are self-funded) your compliance date for the privacy rule is April 14, Larger group health plans had to comply last year. The ONLY real health plan exception under HIPAA is for very small, self-administered group health plans those with fewer than 50 participants AND are self-insured and selfadministered. Most small employer health plans are insured (not self-administered), and therefore are subject to the privacy rule. * HIPAA stands for the Health Insurance Portability and Accountability Act of 1996, which, among other things, attempts to simplify the health care system by requiring standardized electronic transmissions of claims-related information. It also protects the privacy of health information. This article discusses HIPAA's privacy requirements. Group health plans are also required to comply with other HIPAA regulations, most of which have compliance dates in 2005 or later. Page 1 of 6

2 Misunderstanding No. 2: My group health plan does not transmit any information electronically, so it is exempt from HIPAA Wrong again. Group health plans are covered by the HIPAA regulations whether they transmit information electronically or not. Health care providers, such as doctors, nurses, on-site clinics, etc., are exempt from these regulations if they do not transmit electronically, but this exemption applies only to providers, not to group health plans. Misunderstanding No. 3: My insurance company is responsible for HIPAA compliance, not me. Not quite you are both covered by the rule. You the employer are the legal sponsor of the group health plan (a covered entity) and you must ensure that your group health plan complies with HIPAA. Your insurer is also a covered entity and must ensure that it complies with HIPAA in its own activities. Note that if the type of health information you receive from your insurance company is strictly limited to the type of information called summary health information (or SHI ), and you use it only in accordance with special rules set out in the HIPAA privacy rule, your compliance burden will be very small. But the burden with regard to your group health plan is still legally yours. Misunderstanding No. 4: My health flexible spending account ( FSA ) isn t subject to HIPAA. Unfortunately also wrong your health FSA is subject to HIPAA (unless, of course, it has fewer than 50 participants and is self-administered). What s more, these plans are always selfinsured and so will require the highest levels of HIPAA compliance even if you as the employer are not directly involved in the administration of the plan. Misunderstanding No. 5: My broker (or TPA) will take care of HIPAA for me. Maybe. Your broker (or TPA) may, indeed, perform this service for you. But you must understand that the legal obligation is still yours, and any penalties imposed for a failure to comply will be imposed on you and not your broker (or TPA). So it is in your interest to know something about HIPAA and to be pro-active in raising compliance issues with your broker (or TPA). Misunderstanding No. 6: I don t get any health information about my employees, so I don t have to comply with HIPAA. Unfortunately, it is not that simple. An employer with a self-insured plan is deemed to receive employee health information even if the employer has taken careful steps to ensure that it does not, for example, by using a third party administrator for all aspects of plan administration. Such an employer is relieved of some, but not all HIPAA compliance obligations. Also, an employer with a fully-insured plan may be receiving protected health information of which it is not aware. It is your obligation to determine what information you are receiving and what your compliance obligations are. Practical Steps To Minimize HIPAA Obligations and Costs This brings us to the main part of our article: What can you do as an employer to keep your HIPAA obligations and costs as small as possible? Page 2 of 6

3 The key to minimizing your compliance burden is whether you see protected health information PHI -- in the course of administering your company s group health plan. Note that hiring vendors will not insulate you completely. In general, if your vendor sees PHI on your behalf, then you are deemed to have seen it as well. If you and your vendors -- do not see (i.e., receive) PHI, your compliance burden and costs will be significantly smaller. Therefore, your primary task as an employer that wishes to minimize its obligations, costs, and risks under HIPAA will be to avoid seeing (receiving) PHI about your employees and their families. So, what exactly is PHI? PHI -- protected health information -- is any information relating to an individual s health, or health benefits, from which they can be identified. The information does not need to include medical data to be protected. If, for example, a person is enrolled in the PPO option of an employer s group health plan, the person s name and choice of plan are considered protected health information. Protected health information can be on paper, in electronic media, or it can be an oral statement. For instance, if an insurance company s customer service representative tells an employer over the telephone that a particular employee has diabetes, the representative has disclosed protected health information. Other common examples of PHI are: enrollment forms, explanations of benefits ( EOBs ), and claims forms. See for more examples.] Now that you know what PHI is and that you should avoid it, what are some common practices you should review to minimize your exposure to PHI and thus your compliance burden? Enrollment. With rising healthcare costs, there s a good chance you may be shopping around for a different health plan. Many insurance company enrollment forms request all kinds of PHI from employees and their families, including specific information about medical histories. Institute a process by which enrollment forms are sent directly to the insurer and not to you! If you or your HR department insists on collecting the forms first, make sure employees seal the forms in envelopes before turning them in. If this information is sent to your broker, determine what role the broker is playing when it receives this information and whether there are contract implications for you (i.e. determine whether there needs to be a business associate agreement in place with that broker first). Claims Advocacy. An employee has filed a claim that hasn t been paid and has asked for the company s help to get the claim paid. This is almost impossible to do without getting additional PHI from the insurance company. First decide whether your broker or you will handle this for employees. Then set up a process by which your broker (or you) obtains a HIPAA compliant authorization form from your employee and provides that form to the insurance company. That form authorizes the insurance company to release additional information to your broker (or you) for purposes of resolving the claim. Make sure that your broker (or you) takes precautions to safeguard any PHI received from the insurance company. In fact, the best course might be to destroy the PHI once the claim has been resolved. Claims Reports. Many employers receive regular reports on claims experience for the preceding week, month, etc. Often these reports identify the individuals filing the claims. This information is PHI. Consider whether you need to continue to receive this identifying Page 3 of 6

4 information, or whether information with the identifiers removed would be sufficient for your plan administrative purpose. Remember that, under HIPAA, you may not use information about an individual from your group health plan to make any employment decisions! Duplicate EOBs. Some employers receive duplicate copies of the EOBs sent to health plan participants. Here again, these documents are clearly PHI, and employers should carefully consider whether the purposes for which they have been receiving this information are permitted after HIPAA and if so, whether they need to continue to receive this information. Absolute Minimums But what are the absolute minimums? If you do nothing else, what is it you should do to protect yourself under HIPAA? Be smart. As with taxes, ignorance is no defense when it comes to HIPAA. Get educated on the regulations. Even if you think it doesn t apply to you directly, chances are it will have some impact on how you run your business on a day-to-day basis. Also, while your compliance burden may be small today, your situation may change and you need to know for what to watch, so that you can increase your compliance infrastructure as required. Be pro-active. If your broker has not discussed HIPAA compliance with you, take the initiative. In particular, determine whether you will need a business associate contract with your broker. In general, the contract stipulates that your broker will do certain things to ensure the PHI it receives on your behalf remains secure and protected from unauthorized disclosures. The HIPAA regulations require such a contract in some circumstances, and in other circumstances it also might be a good idea. Also, make sure you and your insurer discuss and agree on who is responsible for what. Be good. Much of what used to be standard operating procedure for both insurance companies and employers is now prohibited under federal law, or must be structured differently. Take the time to think about the information you have been getting and whether you can properly or whether you even want to -- continue to get it at all. And be careful. Employers tend to get and use lots of PHI for no reason other than because they always have. That was then, this is now. HIPAA has changed the rules and you must be careful not to inadvertently set yourself up for a burdensome compliance program that you don t need and you certainly don t want - if you can avoid it. The chart below provides a good starting point for your HIPAA compliance program if your plan is fully insured and will still be helpful if your plan is self-insured. Even the 10-employee company needs to be concerned with HIPAA - don t be lulled into noncompliance because auditors aren t knocking on your door. These are some easy steps that will get you started. But remember - this is NOT the be all and end all list of what needs to be done. Only a thorough review of your health plan practices will give you that answer. Check out and some of the other resources listed below for additional useful information and tools to help you out. Page 4 of 6

5 COMPLIANCE CHECKLIST INITIAL COMPLIANCE STEPS 1. Get trained on HIPAA. Even executive management (or maybe, especially executive management) needs to have a working knowledge of the risks of noncompliance. 2. Contact your service providers (e.g., brokers, TPAs) to determine compliance roles and responsibilities. Establish and/or review contracts with these providers for confidentiality and/or Business Associate provisions, as applicable. 3. Contact your insurance carrier (if fully insured) to discuss compliance roles and responsibilities including responsibility for distributing Notice of Privacy Practices. 4. Establish procedures to insure you receive only Summary Health Information (SHI) and use it only for proper purposes. 5. Establish procedures to handle claims advocacy, including an authorization form. 6. Establish procedures to handle any specific request (from an employee or otherwise) (e.g., subpoenas or other court orders) that may require you to receive PHI Establish complaint procedures. Establish procedures to comply with the residual compliance obligations for fully insured plans (no retaliation, no waiver, confidential communications). 9. Document all related policies, procedures and compliance efforts (even though the rules might not require you to do so). This will be the first question asked during any kind of audit (formal or informal)! 10. Don t forget your FSA! Additional Resources Centers for Medicare & Medicaid Services General Information State preemption analysis Page 5 of 6

6 About the Authors Serena G. Simons Serena has practiced in the area of employee benefits for more than 15 years. She regularly advises employers on such matters as plan design and compliance with statutory and regulatory regimes that affect benefits plans including the Internal Revenue Code, ERISA, COBRA, FMLA, HIPAA, ADEA, and ADA. Serena has a significant amount of experience in drafting and amending health plan documents, in preparing plan-related employee communications (in both electronic and paper formats), in negotiating service-provider contracts, and in dealing with the benefits issues related to business transactions. She also has worked extensively with plan sponsors on such matters as plan administrative structure, fiduciary responsibilities, and claims review processes and procedures under ERISA. Serena speaks and writes frequently and advises employers on various issues related to HIPAA privacy compliance for group health plans and other employer-provided health services. Serena received her law degree, with high honors, from the Duke University School of Law, and her B.A. from Duke University. Peter N. Cizik Peter is a Managing Director and co-founder of HIPAA Solutions Rx ( He has over 18 years of management and consulting experience in Fortune 500 companies such as Andersen Consulting (now Accenture) and Intel Corporation as well as numerous startups. He has an Electrical Engineering degree from the University of Texas and an MBA from the Harvard Business School. Peter brings his years working in the Healthcare industry and ISO level compliance projects to the HIPAA compliance challenge, driving HIPAA Solutions Rx to provide industry leading tools to all organizations impacted by these sweeping regulations. Partnering with leading experts, HIPAA Solutions Rx provides cost effective tools that are of the highest quality. Note: This Document is intended for general informational purposes only and should not be considered legal advice or legal opinion on any specific facts or circumstances. You are urged to consult your corporate counsel or benefits attorney concerning any legal questions you may have. Copyright. Copyright 2004 by HIPAA Solutions Rx. All rights reserved. No part of this publication may be reproduced or transmitted by any means, electronic or mechanical, including photocopy, without prior written permission of the authors. Page 6 of 6

HIPAA PRIVACY FOR EMPLOYERS A Comprehensive Introduction. HIPAA Privacy Regulations-General

HIPAA PRIVACY FOR EMPLOYERS A Comprehensive Introduction. HIPAA Privacy Regulations-General HIPAA PRIVACY FOR EMPLOYERS A Comprehensive Introduction HIPAA Privacy Regulations-General The final HIPAA Privacy regulation was released on December 20, 2000 and was effective for compliance on April

More information

HIPAA Privacy Summary for Self-insured Employer Groups

HIPAA Privacy Summary for Self-insured Employer Groups I. Overview HIPAA Privacy Summary for Self-insured Employer Groups The Privacy Regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulate the uses and disclosures of

More information

Alert. Client PROSKAUER ROSE LLP. HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements

Alert. Client PROSKAUER ROSE LLP. HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements PROSKAUER ROSE LLP Client Alert HIPAA Compliance Update: Employers, As Group Health Plan Sponsors, Will Be Affected By HIPAA Privacy Requirements The U.S. Department of Health and Human Services published

More information

January 2003. Employers must be prepared for their obligations under the HIPAA Privacy Rules

January 2003. Employers must be prepared for their obligations under the HIPAA Privacy Rules Employer Sponsored Group Health Plans and the HIPAA Privacy Rules Employers must be prepared for their obligations under the HIPAA Privacy Rules January 2003 Bob Radecki KnowHIPAA.com HIPAA-COBRA-FMLA

More information

An Employer s Introduction to HIPAA Prepared by Ballard, Rosenberg Golper & Savitt, LLP

An Employer s Introduction to HIPAA Prepared by Ballard, Rosenberg Golper & Savitt, LLP An Employer s Introduction to HIPAA Prepared by Ballard, Rosenberg Golper & Savitt, LLP Important Disclaimer: Practice limited to labor and employment law on behalf of management and related litigation.

More information

HIPAA Privacy Overview

HIPAA Privacy Overview May 21, 2003 HIPAA Privacy Overview Presented to the California State University Agenda Introduction HIPAA privacy regulations HIPAA privacy impact on CSU Next steps/action items Mercer Human Resource

More information

HIPAA PRIVACY AND SECURITY STANDARDS CITY COMPLIANCE

HIPAA PRIVACY AND SECURITY STANDARDS CITY COMPLIANCE Important: Conducting an assessment of your health plan(s) is the first step to determining HIPAA compliance. You will need to conduct a separate assessment for each of your health plans. (Please be aware

More information

American Bar Association. Technical Session Between the Department of Health and Human Services and the Joint Committee on Employee Benefits

American Bar Association. Technical Session Between the Department of Health and Human Services and the Joint Committee on Employee Benefits American Bar Association Technical Session Between the Department of Health and Human Services and the Joint Committee on Employee Benefits May 6, 2008 The following notes are based upon the personal comments

More information

HIPAA PRIVACY AND SECURITY FOR EMPLOYERS

HIPAA PRIVACY AND SECURITY FOR EMPLOYERS HIPAA PRIVACY AND SECURITY FOR EMPLOYERS Agenda Background and Enforcement HIPAA Privacy and Security Rules Breach Notification Rules HPID Number Why Does it Matter HIPAA History HIPAA Title II Administrative

More information

HIPAA Privacy Summary for Fully-insured Employer Groups

HIPAA Privacy Summary for Fully-insured Employer Groups HIPAA Privacy Summary for Fully-insured Employer Groups I. Overview The Privacy Regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulate the uses and disclosures

More information

HIPAA Policy, Protection, and Pitfalls ARTHUR J. GALLAGHER & CO. BUSINESS WITHOUT BARRIERS

HIPAA Policy, Protection, and Pitfalls ARTHUR J. GALLAGHER & CO. BUSINESS WITHOUT BARRIERS HIPAA Policy, Protection, and Pitfalls Overview HIPAA Privacy Basics What s covered by HIPAA privacy rules, and what isn t? Interlude on the Hands-Off Group Health Plan When does this exception apply,

More information

Plan Sponsor Guide HIPAA Privacy Rule

Plan Sponsor Guide HIPAA Privacy Rule Plan Sponsor Guide HIPAA Privacy Rule Plan Sponsor s Guide to the HIPAA Privacy Rule Compliments of Aetna 00.02.108.1A (5/05) Compliments of Aetna You have likely heard a great deal about the HIPAA Privacy

More information

HIPAA. Privacy and Security Frequently Asked Questions for Employers. Gallagher Benefit Services, Inc.

HIPAA. Privacy and Security Frequently Asked Questions for Employers. Gallagher Benefit Services, Inc. 2013 HIPAA Privacy and Security Frequently Asked Questions for Employers Gallagher Benefit Services, Inc. Disclaimer We share this information with our clients and friends for general informational purposes

More information

HIPAA PRIVACY AND EDI RULES

HIPAA PRIVACY AND EDI RULES The Health and Human Services (HHS) issued final HIPAA privacy regulations on August 14, 2002. These rules govern how individually identifiable medical information must be protected. HIIPAA also requires

More information

The HIPAA Privacy Rule: Information for Private Independent Schools 1 By Gerald Woods 2 Kilpatrick Stockton LLP January 2003

The HIPAA Privacy Rule: Information for Private Independent Schools 1 By Gerald Woods 2 Kilpatrick Stockton LLP January 2003 The HIPAA Privacy Rule: Information for Private Independent Schools 1 By Gerald Woods 2 Kilpatrick Stockton LLP January 2003 Protecting the privacy of medical information was primarily the responsibility

More information

The MC Academy The Employee Benefits and Executive Compensation Series. HIPAA PRIVACY AND SECURITY The New Final Regulations

The MC Academy The Employee Benefits and Executive Compensation Series. HIPAA PRIVACY AND SECURITY The New Final Regulations The MC Academy The Employee Benefits and Executive Compensation Series HIPAA PRIVACY AND SECURITY The New Final Regulations June 18, 2013 Overview Background Recent Changes to HIPAA Identifying Business

More information

HIPAA Compliance Manual

HIPAA Compliance Manual HIPAA Compliance Manual HIPAA Compliance Manual 1 This Manual is provided to assist your efforts to comply with the federal privacy and security rules mandated under HIPAA and HITECH, specifically as said

More information

Little-Noticed HIPAA Regulations Create New Burdens for Employers

Little-Noticed HIPAA Regulations Create New Burdens for Employers Little-Noticed HIPAA Regulations Create New Burdens for Employers Earlier this month the federal government released new regulations which could affect an employer's health plans, if those health plans

More information

There are three sections to HIPAA the Privacy Rule, the Security Rule, and the Transaction Rule.

There are three sections to HIPAA the Privacy Rule, the Security Rule, and the Transaction Rule. Introduction This course is on the federal HIPPA rule. HIPAA is the Health Insurance Portability and Accountability Act. It is the federal rule that sets standards for the protection of health information.

More information

CROSS, GUNTER, WITHERSPOON & GALCHUS, P.C. ATTORNEYS AT LAW LITTLE ROCK/FORT SMITH/FAYETTEVILLE

CROSS, GUNTER, WITHERSPOON & GALCHUS, P.C. ATTORNEYS AT LAW LITTLE ROCK/FORT SMITH/FAYETTEVILLE CROSS, GUNTER, WITHERSPOON & GALCHUS, P.C. ATTORNEYS AT LAW LITTLE ROCK/FORT SMITH/FAYETTEVILLE Scotty Shively sshively@cgwg.com www.cgwg.com 500 President Clinton Avenue, Suite 200 Little Rock, AR 72201

More information

HIPAA. HIPAA and Group Health Plans

HIPAA. HIPAA and Group Health Plans HIPAA HIPAA and Group Health Plans CareFirst BlueCross BlueShield is the business name of CareFirst of Maryland, Inc. and is an independent licensee of the Blue Cross and Blue Shield Association. Registered

More information

Can Your Diocese Afford to Fail a HIPAA Audit?

Can Your Diocese Afford to Fail a HIPAA Audit? Can Your Diocese Afford to Fail a HIPAA Audit? PETULA WORKMAN & PHIL BUSHNELL MAY 2016 2016 ARTHUR J. GALLAGHER & CO. BUSINESS WITHOUT BARRIERS Agenda Overview Privacy Security Breach Notification Miscellaneous

More information

HIPAA Privacy for Employers A Comprehensive Introduction

HIPAA Privacy for Employers A Comprehensive Introduction HIPAA Privacy for Employers A Comprehensive Introduction November 1, 2002: Version 1 HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT PRIVACY REGULATION The final HIPAA Privacy Regulation was released

More information

IMPACT to EMPLOYER / PLAN SPONSOR of HIPAA PRIVACY

IMPACT to EMPLOYER / PLAN SPONSOR of HIPAA PRIVACY IMPACT to EMPLOYER / PLAN SPONSOR of HIPAA PRIVACY As the Plan Sponsor/Employer you must contend with yet another federal requirement on your group health plans: the "Health Insurance Portability and Accountability

More information

ü Ensuring the privacy and security of personally identifiable health information (the Privacy and Security Rules); and

ü Ensuring the privacy and security of personally identifiable health information (the Privacy and Security Rules); and Provided by Benefits By Choice HIPAA Rules: Privacy, Security and Electronic Data Interchange The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad federal law regarding health

More information

Plan Sponsor s Guide to the HIPAA Security Rule

Plan Sponsor s Guide to the HIPAA Security Rule Plan Sponsor s Guide to the HIPAA Security Rule Compliments of Aetna 00.02.117.1 (8/04) The HIPAA Security Rule We live in a world with ever increasing Internet and e-mail access, networking capabilities,

More information

HIPAA Compliance The Time is Now Changes on the Horizon: The Final Regulations on Privacy and Security. May 7, 2013

HIPAA Compliance The Time is Now Changes on the Horizon: The Final Regulations on Privacy and Security. May 7, 2013 HIPAA Compliance The Time is Now Changes on the Horizon: The Final Regulations on Privacy and Security May 7, 2013 Presenters James Clay President Employee Benefits & HR Consulting The Miller Group jimc@millercares.com

More information

FINAL HIPAA HITECH REGULATIONS RELEASED

FINAL HIPAA HITECH REGULATIONS RELEASED FINAL HIPAA HITECH REGULATIONS RELEASED On January 25, 2013, the United States Department of Health and Human Services (HHS) published final regulations implementing changes to the Health Insurance Portability

More information

The HIPAA Privacy Rule: Overview and Impact

The HIPAA Privacy Rule: Overview and Impact The HIPAA Privacy Rule: Overview and Impact DISCLAIMER: This information is provided as is without any express or implied warranty. It is provided for educational purposes only and does not constitute

More information

Employer Sponsored Group Health Plans and HIPAA. Trudy Millard Krause, DrPH Mark L. Stember, Esq. Linda R. Mendel, Esq. David Ermer, Esq.

Employer Sponsored Group Health Plans and HIPAA. Trudy Millard Krause, DrPH Mark L. Stember, Esq. Linda R. Mendel, Esq. David Ermer, Esq. Health Plans and HIPAA Trudy Millard Krause, DrPH Mark L. Stember, Esq. Linda R. Mendel, Esq. David Ermer, Esq. Employers and HIPAA Employers are not covered entities Guidance 5391 Fed Reg. Vol 67, #157,

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

HIPAA Privacy & Security Training for Clinicians

HIPAA Privacy & Security Training for Clinicians HIPAA Privacy & Security Training for Clinicians Agenda This training will cover the following information: Overview of Privacy Rule and Security Rules Using and disclosing Protected Health Information

More information

The Basics of HIPAA Privacy and Security and HITECH

The Basics of HIPAA Privacy and Security and HITECH The Basics of HIPAA Privacy and Security and HITECH Protecting Patient Privacy Disclaimer The content of this webinar is to introduce the principles associated with HIPAA and HITECH regulations and is

More information

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What

More information

HIPAA RISKS & STRATEGIES. Health Insurance Portability and Accountability Act of 1996

HIPAA RISKS & STRATEGIES. Health Insurance Portability and Accountability Act of 1996 HIPAA RISKS & STRATEGIES Health Insurance Portability and Accountability Act of 1996 REGULATORY BACKGROUND Health Information Portability and Accountability Act (HIPAA) was enacted on August 21, 1996 Title

More information

Population Health Management Program Notice of Privacy Practices

Population Health Management Program Notice of Privacy Practices Population Health Management Program Notice of Privacy Practices Premier Health provides population health management services to its health plan members. Services include wellness program tools and technology,

More information

Member s Name First M.I. Last Dependent s Name (if enrolling in Medicare) First M.I. Last

Member s Name First M.I. Last Dependent s Name (if enrolling in Medicare) First M.I. Last Oklahoma State and Education Employees Group Insurance Board A Division of the Office of State Finance APPLICATION FOR MEDICARE SUPPLEMENT WITH PART D Member ID # *MCENRL* Phone ( ) Member s Name First

More information

HIPAA NOTICE OF PRIVACY PRACTICES

HIPAA NOTICE OF PRIVACY PRACTICES HIPAA NOTICE OF PRIVACY PRACTICES Human Resources Department 16000 N. Civic Center Plaza Surprise, AZ 85374 Ph: 623-222-3532 // Fax: 623-222-3501 TTY: 623-222-1002 Purpose of This Notice This Notice describes

More information

Final HIPAA/HITECH Omnibus Rule Makes Significant Changes for Health Plans and Their Business Associates

Final HIPAA/HITECH Omnibus Rule Makes Significant Changes for Health Plans and Their Business Associates Final HIPAA/HITECH Omnibus Rule Makes Significant Changes for Health Plans and Their Business Associates After a very long wait, the Department of Health and Human Services ( HHS ) has issued a final HIPAA/HITECH

More information

HIPAA Privacy at SCG...

HIPAA Privacy at SCG... HIPAA Privacy at SCG......What You Need to Know Click the Next arrow to view the next slide: Copyright 2003, Sarasota County Government All rights reserved Objectives: What Will I Learn? What is HIPAA?

More information

NOTICE OF PRIVACY PRACTICES FOR PURDUE UNIVERSITY HEALTH PLANS

NOTICE OF PRIVACY PRACTICES FOR PURDUE UNIVERSITY HEALTH PLANS NOTICE OF PRIVACY PRACTICES FOR PURDUE UNIVERSITY HEALTH PLANS This notice describes how medical information about you may be used and disclosed, and how you can get access to this information. Please

More information

The HIPAA Standard Transaction Requirements: How do Health Plans Comply?

The HIPAA Standard Transaction Requirements: How do Health Plans Comply? The HIPAA Standard Transaction Requirements: How do Health Plans Comply? April 17, 2014 As most employers are aware, the federal government has released a good deal of guidance related to various provisions

More information

HIPAA - - Basic Concepts and Implementation Roadmap

HIPAA - - Basic Concepts and Implementation Roadmap HIPAA - - Basic Concepts and Implementation Roadmap Prepared by: David Weiner dweiner@seyfarth.com Fredric Singerman fsingerman@dc.seyfarth.com Today s Agenda n Introduction of HIPAA Privacy and Electronic

More information

EXAMPLES of HIPAA violations

EXAMPLES of HIPAA violations EXAMPLES of HIPAA violations Minimum Necessary Policies Hospital Implements New Minimum Necessary Polices for Telephone Messages Covered Entity: General Hospital Issue: Minimum Necessary; Confidential

More information

INTRODUCTION TO HIPAA COMPLIANCE UNDERSTAND YOUR PATHWAY TO HIPAA COMPLIANCE

INTRODUCTION TO HIPAA COMPLIANCE UNDERSTAND YOUR PATHWAY TO HIPAA COMPLIANCE INTRODUCTION TO HIPAA COMPLIANCE UNDERSTAND YOUR PATHWAY TO HIPAA COMPLIANCE INTRODUCTION TO HIPAA COMPLIANCE 2 ABOUT HIPAA COMPLIANCE Health Insurance Portability and Accountability Act (HIPAA) compliance

More information

HIPAA Privacy For our Group Customers and Business Partners

HIPAA Privacy For our Group Customers and Business Partners HIPAA Privacy For our Group Customers and Business Partners AmeriHealth HMO, Inc. AmeriHealth Insurance Company of New Jersey QCC Insurance Company, d/b/a AmeriHealth Insurance Company HIPAA, The Health

More information

INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS. I. Introduction 2. II. Definitions 3

INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS. I. Introduction 2. II. Definitions 3 INDIANA UNIVERSITY SCHOOL OF OPTOMETRY HIPAA COMPLIANCE PLAN TABLE OF CONTENTS I. Introduction 2 II. Definitions 3 III. Program Oversight and Responsibilities 4 A. Structure B. Compliance Committee C.

More information

Whitefish School District. PERSONNEL 5510 page 1 of 5 HIPAA

Whitefish School District. PERSONNEL 5510 page 1 of 5 HIPAA Whitefish School District R PERSONNEL 5510 page 1 of 5 HIPAA Note: (1) Any school district offering a group health care plan for its employees is affected by HIPAA. School districts offering health plans

More information

HIPAA FOR HUMAN RESOURCE EXECUTIVES. Stuart Miller, Esq. Gerry Hinkley, Esq. Davis Wright Tremaine LLP

HIPAA FOR HUMAN RESOURCE EXECUTIVES. Stuart Miller, Esq. Gerry Hinkley, Esq. Davis Wright Tremaine LLP HIPAA FOR HUMAN RESOURCE EXECUTIVES Stuart Miller, Esq. Gerry Hinkley, Esq. Davis Wright Tremaine LLP 1 COVERED ENTITY ANALYSIS Determine if employer is a Covered Entity (health care provider, health plan

More information

BUSINESS ASSOCIATES [45 CFR 164.502(e), 164.504(e), 164.532(d) and (e)]

BUSINESS ASSOCIATES [45 CFR 164.502(e), 164.504(e), 164.532(d) and (e)] BUSINESS ASSOCIATES [45 CFR 164.502(e), 164.504(e), 164.532(d) and (e)] Background By law, the HIPAA Privacy Rule applies only to covered entities health plans, health care clearinghouses, and certain

More information

Webinar: Privacy Conundrums

Webinar: Privacy Conundrums Webinar: Privacy Conundrums Iris Tilley Barran Liebman LLP HIPAA Myth: Health care providers can share personal health information with employers. HIPAA Truth: Employers can t receive personal health information

More information

Hulse/QM Healthcare Advocacy Program Notice of Privacy Practices

Hulse/QM Healthcare Advocacy Program Notice of Privacy Practices Hulse/QM Healthcare Advocacy Program Notice of Privacy Practices THIS NOTICE DESCRIBES HOW PERSONAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE

More information

Health Insurance Portability and Accountability Act Privacy Policy

Health Insurance Portability and Accountability Act Privacy Policy COUNTY OF LEE - PERSONNEL POLICY Last Published Date: 07-01-2006 Health Insurance Portability and Accountability Act Privacy Policy Number: E-2 Revision: 0 Effective Date: 03-01-2010 Pages: 6 1.0 Policy

More information

Am I a Business Associate?

Am I a Business Associate? Am I a Business Associate? Now What? JENNIFER L. RATHBURN Quarles & Brady LLP KATEA M. RAVEGA Quarles & Brady LLP agenda» Overview of HIPAA / HITECH» Business Associate ( BA ) Basics» What Do BAs Have

More information

How To Survive a DOL Audit Welfare Benefit Plans. Presented by: Holly M. Wahl MHP, HIA VP, Compliance & Communications Leader.

How To Survive a DOL Audit Welfare Benefit Plans. Presented by: Holly M. Wahl MHP, HIA VP, Compliance & Communications Leader. How To Survive a DOL Audit Welfare Benefit Plans Employee Benefits Presented by: Holly M. Wahl MHP, HIA VP, Compliance & Communications Leader Thursday, September 18, 2014 AGENDA Employee Benefits What

More information

HIPAA S BUSINESS ASSOCIATE REQUIREMENTS FOR PATHOLOGISTS AND LABORATORIES

HIPAA S BUSINESS ASSOCIATE REQUIREMENTS FOR PATHOLOGISTS AND LABORATORIES HIPAA S BUSINESS ASSOCIATE REQUIREMENTS FOR PATHOLOGISTS AND LABORATORIES What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) establishes new privacy requirements for

More information

Entities Covered by the HIPAA Privacy Rule

Entities Covered by the HIPAA Privacy Rule Entities Covered by the HIPAA Privacy Rule Who Is A Covered Entity? HIPAA standards apply only to: Health care providers who transmit any health information electronically in connection with certain transactions

More information

HIPAA Privacy and Business Associate Agreement

HIPAA Privacy and Business Associate Agreement HR 2011-07 ATTACHMENT D HIPAA Privacy and Business Associate Agreement This Agreement is entered into this day of,, between [Employer] ( Employer ), acting on behalf of [Name of covered entity/plan(s)

More information

2015 Health Law Update

2015 Health Law Update 2015 Health Law Update 1 1 Brad Roehrenbeck General Counsel and Vice President of Legal Services and Compliance Agenda HIPAA & HITECH Act Enforcement Affordable Care Act Developments Tax on High-Cost Health

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the "Agreement") is made and entered into this day of,, by and between Quicktate and idictate ("Business Associate") and ("Covered Entity").

More information

HIPAA Privacy & Breach Notification Training for System Administration Business Associates

HIPAA Privacy & Breach Notification Training for System Administration Business Associates HIPAA Privacy & Breach Notification Training for System Administration Business Associates Barbara M. Holthaus privacyofficer@utsystem.edu Office of General Counsel University of Texas System April 10,

More information

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA TRAINING MANUAL HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA Table of Contents INTRODUCTION 3 What is HIPAA? Privacy Security Transactions and Code Sets What is covered ADMINISTRATIVE

More information

Population Health Management Program Notice of Privacy Practices from Piedmont WellStar HealthPlans, Inc.

Population Health Management Program Notice of Privacy Practices from Piedmont WellStar HealthPlans, Inc. Population Health Management Program Notice of Privacy Practices from Piedmont WellStar HealthPlans, Inc. Piedmont WellStar HealthPlans, Inc. (PWHP) provides population health management services to its

More information

Population Health Management Program Notice of Privacy Practices from Evolent Health

Population Health Management Program Notice of Privacy Practices from Evolent Health Population Health Management Program Notice of Privacy Practices from Evolent Health MedStar Health, Inc., a Maryland not-for-profit corporation, has contracted with Evolent Health, Inc., a Delaware corporation

More information

BROWN RUDNICK BERLACK ISRAELS LLP. Group Health Plan Compliance with HIPAA and ERISA: NAVIGATING THE LEGAL AND

BROWN RUDNICK BERLACK ISRAELS LLP. Group Health Plan Compliance with HIPAA and ERISA: NAVIGATING THE LEGAL AND B R B I BROWN RUDNICK BERLACK ISRAELS LLP Group Health Plan Compliance with HIPAA and ERISA: NAVIGATING THE LEGAL AND ADMINISTRATIVE MAZE Q&A 2003 QUESTION AND ANSWER RESOURCE GUIDE Group Health Plan Compliance

More information

Compliance Steps for the Final HIPAA Rule

Compliance Steps for the Final HIPAA Rule Brought to you by Cottingham & Butler for the Final HIPAA Rule On Jan. 25, 2013, the Department of Health and Human Services (HHS) issued a final rule under HIPAA s administrative simplification provisions.

More information

HIPAA Privacy Rule Primer for the College or University Administrator

HIPAA Privacy Rule Primer for the College or University Administrator HIPAA Privacy Rule Primer for the College or University Administrator On August 14, 2002, the Department of Health and Human Services ( HHS ) issued final medical privacy regulations (the Privacy Rule

More information

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection

More information

Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA) Health Insurance Portability and Accountability Act (HIPAA) General Education Presented by: Bureau of Personnel Department of Health Department of Human Services Department of Social Services Bureau of

More information

HIPAA Compliance for Payor Organizations

HIPAA Compliance for Payor Organizations HIPAA Compliance for Payor Organizations Key Issues For Health Plans Under HIPAA Privacy Regulations HCAA 2002 Annual Compliance Institute April 21, 2002 Wendy L. Krasner McDermott, Will & Emery Washington,

More information

Schindler Elevator Corporation

Schindler Elevator Corporation -4539 Telephone: (973) 397-6500 Mail Address: P.O. Box 1935 Morristown, NJ 07962-1935 NOTICE OF PRIVACY PRACTICES FOR PROTECTED HEALTH INFORMATION THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU

More information

BUSINESS ASSOCIATE AGREEMENT. Recitals

BUSINESS ASSOCIATE AGREEMENT. Recitals BUSINESS ASSOCIATE AGREEMENT This Agreement is executed this 8 th day of February, 2013, by BETA Healthcare Group. Recitals BETA Healthcare Group consists of BETA Risk Management Authority (BETARMA) and

More information

Orbograph HIPAA/HITECH Compliance, Resiliency and Security

Orbograph HIPAA/HITECH Compliance, Resiliency and Security Orbograph HIPAA/HITECH Compliance, Resiliency and Security Version 1.0 August 2013 Legal Notice This document is delivered subject to the following conditions and restrictions: The document contains proprietary

More information

Understanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule

Understanding Health Insurance Portability Accountability Act AND HITECH. HIPAA s Privacy Rule Understanding Health Insurance Portability Accountability Act AND HITECH HIPAA s Privacy Rule 1 What Is HIPAA s Privacy Rule The privacy rule is a component of the Health Insurance Portability and Accountability

More information

SCHOOL DISTRICT OF BLACK RIVER FALLS HIPAA PRIVACY AND SECURITY POLICY

SCHOOL DISTRICT OF BLACK RIVER FALLS HIPAA PRIVACY AND SECURITY POLICY SCHOOL DISTRICT OF BLACK RIVER FALLS HIPAA PRIVACY AND SECURITY POLICY School Board Policy 523.5 The School District of Black River Falls ( District ) is committed to compliance with the health information

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,

More information

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES I. Overview / Definitions The Health Insurance Portability and Accountability Act is a federal law

More information

Online Banking, Bill Pay, and E-Statements

Online Banking, Bill Pay, and E-Statements Online Banking, Bill Pay, and E-Statements ERROR RESOLUTION NOTICE In case of errors or questions about your electronic transfers, call or write us at the telephone number or address listed in this brochure,

More information

HHS Finalizes HIPAA Privacy and Data Security Rules, Including Stricter Rules for Breaches of Unsecured PHI

HHS Finalizes HIPAA Privacy and Data Security Rules, Including Stricter Rules for Breaches of Unsecured PHI January 23, 2013 HHS Finalizes HIPAA Privacy and Data Security Rules, Including Stricter Rules for Breaches of Unsecured PHI Executive Summary HHS has issued final regulations that address recent legislative

More information

The privacy rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) have been

The privacy rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) have been As Appeared in Benefits Law Journal Vol. 17, No. 1, Spring 2004 HIPAA Privacy Compliance: It s Time to Take It Seriously By Russell E. Greenblatt and Jeffrey J. Bakker, Katten Muchin Zavis Rosenman 2004

More information

Why Lawyers? Why Now?

Why Lawyers? Why Now? TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business

More information

WHAT YOU CAN EXPECT FROM MERCER

WHAT YOU CAN EXPECT FROM MERCER HEALTH WEALTH CAREER WHAT YOU CAN EXPECT FROM MERCER OUR COMMITMENT TO ETHICAL AND TRANSPARENT BUSINESS PRACTICES, INNOVATION, AND EXCELLENCE Thank you for the opportunity to work with you to enhance the

More information

Maryland Health Insurance Plan

Maryland Health Insurance Plan Audit Report Maryland Health Insurance Plan April 2012 OFFICE OF LEGISLATIVE AUDITS DEPARTMENT OF LEGISLATIVE SERVICES MARYLAND GENERAL ASSEMBLY This report and any related follow-up correspondence are

More information

This is a "preview " of the BAA agreement. You'll be able to sign the BAA electronically after you upgrade to the Powerhouse Player plan.

This is a preview  of the BAA agreement. You'll be able to sign the BAA electronically after you upgrade to the Powerhouse Player plan. BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is entered into as of (the Effective Date ), by and between ("Covered Entity") and Acuity Scheduling, Inc. ("Business Associate").

More information

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule HIPAA More Important Than You Realize J. Ira Bedenbaugh Consulting Shareholder February 20, 2015 This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record

More information

The Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No. 94-94A-94B, AFL-CIO. Notice of Privacy Practices

The Health and Benefit Trust Fund of the International Union of Operating Engineers Local Union No. 94-94A-94B, AFL-CIO. Notice of Privacy Practices The Health and Benefit Trust Fund of the International Union of Operating Section 1: Purpose of This Notice Notice of Privacy Practices Effective as of September 23, 2013 THIS NOTICE DESCRIBES HOW MEDICAL

More information

2015 Federal Health Care Update

2015 Federal Health Care Update 2015 Federal Health Care Update 1 1 Agenda! HIPAA & HITECH Act Enforcement! EEOC Wellness Incentive Proposed Regulations! Affordable Care Act Developments! ACA Litigation Update! Tax on High-Cost Health

More information

Effective Date: March 23, 2016

Effective Date: March 23, 2016 AIG COMPANIES Effective Date: March 23, 2016 HIPAA NOTICE OF PRIVACY PRACTICES THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

More information

OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463. Court Reporters and HIPAA

OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463. Court Reporters and HIPAA Court Reporters and HIPAA OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463 1 What Exactly is HIPAA? HIPAA is an acronym for the Health Insurance Portability and Accountability Act

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement (the Agreement ), is made and is effective as of this day of, 2013 ( Effective Date ), between, located at ( Business Associate

More information

DISCLAIMER. HIPPAA Notice of Privacy. HIPAA Notice of Privacy Practices Printable PDF. Effective November 1, 2015

DISCLAIMER. HIPPAA Notice of Privacy. HIPAA Notice of Privacy Practices Printable PDF. Effective November 1, 2015 DISCLAIMER Direct Medical Imaging LLC (DMI) dba Pembina High Field MRI provides scanning and services, including an interpretation of the scan by a board certified radiologist. DMI cannot and does not

More information

THIRD PARTIES HAVING ACCESS TO PHI

THIRD PARTIES HAVING ACCESS TO PHI Health Insurance Portability and Accountability Act (HIPAA) Terms and Conditions For Business Associates I. OVERVIEW The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that

More information

HIPAA, HIPAA Hi-TECH and HIPAA Omnibus Rule

HIPAA, HIPAA Hi-TECH and HIPAA Omnibus Rule HIPAA, HIPAA Hi-TECH and HIPAA Omnibus Rule NYCR-245157 HIPPA, HIPAA HiTECH& the Omnibus Rule A. HIPAA IIHI and PHI Privacy & Security Rule Covered Entities and Business Associates B. HIPAA Hi-TECH Why

More information

Medicare Advantage and Medicare Part D Fraud, Waste, and Abuse Training. Introduction

Medicare Advantage and Medicare Part D Fraud, Waste, and Abuse Training. Introduction Medicare Advantage and Medicare Part D Fraud, Waste, and Abuse Training 2009 Introduction The Centers for Medicare & Medicaid Services (CMS) requires Medicare Advantage Organizations (MAO) to have policies

More information

On-Site Clinics Can Bring Value, Efficiency And a Host of Compliance Issues

On-Site Clinics Can Bring Value, Efficiency And a Host of Compliance Issues September 24, 2015 On-Site Clinics Can Bring Value, Efficiency And a Host of Compliance Issues For employers with several hundred workers at a single location, an on-site clinic can be an effective tool

More information

23RD NATIONAL HIPAA SUMMIT

23RD NATIONAL HIPAA SUMMIT 23RD NATIONAL HIPAA SUMMIT OMNI SHOREHAM HOTEL WASHINGTON, D.C. MARCH 16 18, 2015 The HIPAA Privacy and Security Rules from the Employer s/group Health Plan Sponsor s Perspective Prepared by Alden J. Bianchi,

More information

New HIPAA Certification Requirement & Other New Health Plan To Do Tasks under HIPAA Standard Transaction Rules

New HIPAA Certification Requirement & Other New Health Plan To Do Tasks under HIPAA Standard Transaction Rules February 4, 2014 Authors: Christy A. Tinnes, Lisa A. Christensen, and Vivian Hunter Turner If you have questions, please contact your regular Groom attorney or any of the Health and Welfare attorneys listed

More information

HIPAA Agreements Overview, Guidelines, Samples

HIPAA Agreements Overview, Guidelines, Samples HIPAA Agreements Overview, Guidelines, Samples I. Purpose The purpose of this document is to provide an overview of the regulatory requirements related to HIPAA trading partner agreements, business associate

More information

What Every Medical Device Manufacturer Needs To Know About HIPAA. By Leigh-Ann M. Patterson, Esq. Nixon Peabody LLP, Partner, HIPAA Task Force

What Every Medical Device Manufacturer Needs To Know About HIPAA. By Leigh-Ann M. Patterson, Esq. Nixon Peabody LLP, Partner, HIPAA Task Force What Every Medical Device Manufacturer Needs To Know About HIPAA By Leigh-Ann M. Patterson, Esq. Nixon Peabody LLP, Partner, HIPAA Task Force April 6, 2003 The purpose of this HIPAA Law Alert is to explain

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT Talksoft is BA with Covered Entity BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is made this day of, and entered into between, ( Covered Entity ) having its principal place of

More information