Social Marketing & Liability
|
|
- Mabel West
- 8 years ago
- Views:
Transcription
1 Social Marketing & Liability Fred E. Karlinsky, Esq. Co-Chair, Insurance Regulatory & Transactions Practice Shareholder, Greenberg Traurig Louisiana Insurers Conference Insurance Compliance Seminar August 6, 2015 GREENBERG TRAURIG, LLP ATTORNEYS AT LAW Greenberg Traurig, LLP. All rights reserved.
2 Disclaimer The information in this presentation is intended to provide a general overview of the issues contained herein and is not intended, nor should it be construed, to provide specific legal or regulatory guidance or advice. If you have any questions or issues of a specific nature, you should consult with appropriate legal or regulatory counsel to review the specific circumstances involved. 2
3 Agenda > General Overview > Marketing Compliance Issues > Data Collection 3
4 Part One General Overview 4
5 Use Statistics > Usage continues to grow and change 73% of online adults use social networking sites 64% of users visit social sites at least once per day More and more users are accessing via mobile vs. computer 5
6 Primary Platforms Cheat sheet? 6
7 Primary Platforms 7
8 Most Commonly Used by Marketers 8
9 Legal Challenges > Social Media blurs our personal and professional lives Most sites encourage sharing of personal information Difficult to separate work from personal events Expectation to share many details of our lives, both personal and professional > Ethical issues: Social media interactions with clients Friend your clients? Establishing appropriate boundaries for professional relationships 9
10 Regulatory and Legal Issues > Sources of law: State Law and Federal Law National Association of Insurance Commissioners (NAIC) 10
11 State and Federal Law > The states are the primary insurance regulators State laws effect social media use Advertising/marketing laws Customer information use, handling, storage, etc. > Federal laws often mandate that the states adopt laws implementing certain standards Gramm Leach Bliley Act Health Insurance Portability and Accountability Act Health Information Technology for Economic and Clinical Health Act Trademark 11
12 NAIC > NAIC has adopted several Model Laws and Regulations: Unfair trade practices Advertising and marketing 2012 NAIC White Paper The Use of Social Media in Insurance > The White Paper focuses on the following key points: Insurance company and producer uses of social media Regulatory and compliance issues associated with the use of social media Guidance for addressing identified regulatory and compliance issues 12
13 Part Two Marketing Compliance Issues 13
14 Benefits of Social Media According to Marketers: 14
15 Objectives and Strategy > Social media is an incredible opportunity to humanize an insurance company s brand > As such, these companies want to translate their brand to social media: Define its personality and voice Develop guidelines for how, when and what topics you will engage in for social media What matters to your customers 15
16 Advertising > Promoted posts/tweets in Facebook, Instagram and Twitter help their brand get more visibility in news feeds > Able to geo-target, get hyper local Set audience requirements (gender, age, interests) > Set budget and duration 16
17 Examples of Social Media Advertising > Likes for Donations to Charities > Retweet positive messages > Farmville > Youtube Channel 17
18 Advertisement Defined > Information that is: Designed to create public interest in insurance, an insurer, or a producer or Induce the public to purchase, increase, modify, reinstate, or retain an insurance policy 18
19 Advertising Compliance > State advertising laws apply to electronic marketing the same way they apply to traditional forms of advertising Statutes may specifically provide for this, or laws may be interpreted to include electronic communications > Social media advertising can transcend state borders Creates additional issues 19
20 Advertising Compliance: Florida > The Florida Office of Insurance Regulation definition of advertisement includes communications containing any assertion, representation, or statement with respect to the business of insurance Excludes material not meant for public dissemination and communications with policyholders not meant to encourage renewal or expansion of coverage 20
21 Advertising Compliance: Louisiana > Material designed to create public interest... or to induce the public to purchase, increase, modify, reinstate, borrow on, surrender, replace, or retain a policy Excludes communications or materials used within the organization and not intended for dissemination to the public 21
22 Liability > The party responsible for traditional advertising content is easy to identify > Social media posts can be anonymous Difficult to identify the party responsible for such content > Competing theories related to identifying the party responsible for social media content: Adoption and Entanglement Theories Communication Decency Act of
23 Liability > Adoption Theory Social media hosts can be found responsible for third party content if the host re-posts or forwards the content from their own social media platform Can also include the failure to remove content > Entanglement Theory An entity can be considered responsible for third party content if the entity was involved in the development of the content 23
24 Liability > Communications Decency Act of 1996 Subject to certain conditions, provides that internet users cannot be found liable for the posts of third parties Meant to promote development of the internet > Difficult to reconcile the Adoption and Entanglement Theories with the Communications Decency Act 24
25 Liability > Adoption Theory Tested: Swift v. Zynga Game Network, Inc. Rebecca Swift seeks to hold Facebook and Zynga liable for content produced by a third party offered in connection with Zynga games accessed through Facebook Filed in 2009, the class action lawsuit is still ongoing 25
26 Producer Content > Insurers can be liable for the posts of appointed agents The insurer is responsible for the posts of appointed agents that are attributed to the insurer The insurer is not responsible for posts not attributed to it > Social media policies should recognize and define these issues 26
27 Social Media Policies > Social media policies provide guidelines to mitigate risks associated with the use of social media platforms All employees should be familiar with the policy > Social media policies should include: Prohibitions on revealing confidential or proprietary information Disclaimers when necessary Guidance on the use of company logos or trademarks Respect for copyright, privacy, fair use, financial disclosure, and other applicable laws 27
28 Social Media Policies > Policies should broadly define what electronic communications are covered by the policy Should cover all hardware, software and communications activity > Employees participating in social media for business purposes should be appropriately trained and supervised Prohibit employees from engaging in business communications that are not subject to the company s supervision > Employees should have separate business and personal accounts 28
29 Social Media Policies > Set meaningful limits on who may engage in what activity during work hours on company systems > Require employees to identify themselves Employees should make clear that the opinions they express are their own, and not those of the company > Prohibit discriminatory or harassing posts > Instruct employees not to endorse company products until the message has been reviewed and approved 29
30 Social Media Policies > Keep creativity in check Do not sacrifice content for fanfare > Prohibit individual communications on wall postings > Do not be lazy with grammar and spelling > Do not friend strangers > When necessary, submit content for prior approval with state regulators > Acknowledge and respond to consumer complaints > Maintain compliant record retention policies 30
31 Producer Policies > Compliance professionals should ensure that personnel communicating on behalf of the company are licensed when necessary Establish controls over who may respond to social media posts Monitor producers, venders and other partners linked to social media sites to ensure compliance > Many states require that marketing be conducted in the insurer s name Social media accounts must satisfy this requirement 31
32 Agent Agreements > Insurers should enter into agreements with their agents to: Provide for prior approval for advertisements Define approved content Provide for training on website and social media maintenance and tools > Review agreements with agents to ensure they contain compliance responsibility, prior approval and hold harmless provisions Contracts should clearly define the rights and obligations of each party with regards to social media use 32
33 Crisis Planning > The speed and reach of social media mean that crises WILL happen There is little time to react Reining things in is difficult > Identify a response team and establish a plan of action before a crisis occurs 33
34 Records Retention > Most states require maintenance of records of advertisements disseminated to the public > Maintenance of records of social media content is not as simple as maintenance of traditional advertisements Social media sites change constantly 34
35 Records Retention > It is unclear whether just an initial post must be retained, or whether the initial post and all responses must be retained > Users of social media may have to retain content posted by third parties > Retaining posts made and received on personal electronic devices should be considered 35
36 Part Three Data Collection & Data Breaches 36
37 Social Data > There is little privacy on social media Individuals can control who sees their social media pages, but not who markets to them > This data is useful to marketers More targeted advertising Measure social media performance Learn what is important to customers > Collecting customer information carries risks The company becomes liable for unauthorized release of personal information 37
38 Sources of Law > Gramm Leach Bliley Act (GLBA) > Health Insurance Portability and Accountability Act (HIPAA) Health Information Technology for Economic and Clinical Health Act (HITECH) > State standards 38
39 Gramm Leach Bliley > Deals with the use and disclosure of consumers nonpublic personal information (NPI) NPI is individual s personally identifiable information collected in connection with providing an insurance product or service, unless the information is publicly available > Prohibits disclosure of a consumer s information to nonaffiliated third parties unless certain requirements are met 39
40 State Enforcement > GLBA requires the states to enact legislation implementing the GLBA privacy protection provisions > State insurance regulators enforce its provisions > Variation between the states 40
41 NAIC Model 673 > 2002: the NAIC adopted Model 673, Standards for Safeguarding Customer Information Advises states on how to implement GLBA > Establishes standards for developing and implementing administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information 41
42 HIPAA > HIPAA provides guidelines for disclosure of patient health information Applies to covered entities and their business associates > Covered entities: A health plan A health care clearinghouse A health care provider who transmits any health information in electronic form in connection with certain transactions > Business associates of covered entities: Entities that, on behalf of a covered entity, assist with activities involving the disclosure of individually identifiable health information Includes agents 42
43 HIPAA > Nonpublic personal health information (PHI): Identifies an individual who is the subject of the information; or Reasonable basis to believe that the information could be used to identify an individual > Security Rule > Privacy Rule 43
44 HITECH > When there is a data breach, HITECH requires health care providers and other HIPAA covered entities to promptly notify affected individuals, the Secretary of Health and Human Services (HHS), and in some cases the media Annual reporting requirements to HHS > Provides a safe harbor for following the guidelines to secure information 44
45 HIPAA/HITECH Example > Data breach with in a hospital system resulted in $4.8M HIPAA settlements > Breach was caused when a physician employed by the hospital, who developed applications for the hospital attempted to deactivate a personally-owned computer server on the network containing patient ephi. > Because of a lack of technical safeguards, deactivation of the server resulted in ephi being accessible on internet search engines. 45
46 Notification of Data Breach > Almost every state has laws that govern notification of security breaches Must notify affected parties of the breach > Know what not and when to disclose > Safe harbor laws 46
47 Notification: Louisiana > Database Security Breach Notification Law > Notification Trigger requires a risk of harm analysis No reasonable likelihood of harm to customers Only applies if information was not encrypted or redacted > Notice to Citizens and to Attorney General Received within 10 days of notice to citizens > Permits a private cause of action 47
48 Notification: Florida > The Florida Information Protection Act of 2014 took effect on July 1, 2014 Imposes requirements on covered entities that experience data breaches It is more stringent than previous Florida laws > Applies to any commercial entity that uses personal information Also covers third-party agents who process personal information on behalf of a covered entity > Generally, covered entities must provide notice to the Department of Legal Affairs and the affected individuals within 30 days of discovering the breach Safe harbor for encrypted data 48
49 Record Disposal > Under the Uniform Electronic Transactions Act (UETA), if a law requires retention of a record, the record may be stored electronically > How long to retain records? The more you have, the more you can lose > Laws on disposal, redaction, destruction of records 49
50 Key Points > Must determine how much personally identifiable information will be collected about insureds and potential insured through social media platforms > Privacy policies are critical for insurance entities Set forth the terms by which the company will handle personal information collected from consumers Needed to comply with applicable law 50
51 Questions? 51
By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN
Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the
More informationHIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions
HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions A. Business Associate. Business Associate shall have the meaning given to such term under the Privacy and Security Rules, including,
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,
More informationRegulatory Update with a Touch of HIPAA
Regulatory Update with a Touch of HIPAA Cloud Communications Alliance Quarterly Meeting Miami, January 2015 Glenn S. Richards, Partner Pillsbury Winthrop Shaw Pittman LLP Phone: 202.663.8215 glenn.richards@pillsburylaw.com
More informationHHS Finalizes HIPAA Privacy and Data Security Rules, Including Stricter Rules for Breaches of Unsecured PHI
January 23, 2013 HHS Finalizes HIPAA Privacy and Data Security Rules, Including Stricter Rules for Breaches of Unsecured PHI Executive Summary HHS has issued final regulations that address recent legislative
More informationBUSINESS ASSOCIATE AGREEMENT. Recitals
BUSINESS ASSOCIATE AGREEMENT This Agreement is executed this 8 th day of February, 2013, by BETA Healthcare Group. Recitals BETA Healthcare Group consists of BETA Risk Management Authority (BETARMA) and
More informationHIPAA and the HITECH Act Privacy and Security of Health Information in 2009
HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:
More informationShipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS
Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009
More informationSocial Media and Implications Related to Insurance Operations. Richard J. Fidei, Esq. and Timothy F. Stanfield, Esq.
Social Media and Implications Related to Insurance Operations By Richard J. Fidei, Esq. and Timothy F. Stanfield, Esq. Technology and internet connectivity, including social media, have saturated our society
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (this Agreement ), effective as of May 1, 2014 (the Effective Date ), by and between ( Covered Entity ) and Orchard Software Corporation,
More information3/13/2015 HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA?
HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA? 1 DEFINITIONS HIPAA Health Insurance Portability and Accountability Act of 1996 Primarily designed
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is entered into by and between Professional Office Services, Inc., with principal place of business at PO Box 450, Waterloo,
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (the AGREEMENT ) is entered into this (the "Effective Date"), between Delta Dental of Tennessee ( Covered Entity ) and ( Business Associate
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the "Agreement") is made and entered into this day of,, by and between Quicktate and idictate ("Business Associate") and ("Covered Entity").
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) by and between (hereinafter known as Covered Entity ) and Office Ally, LLC. (hereinafter known as Business Associate ), and
More informationHIPAA Security Rule Compliance
HIPAA Security Rule Compliance Caryn Reiker MAXIS360 HIPAA Security Rule Compliance what is it and why you should be concerned about it Table of Contents About HIPAA... 2 Who Must Comply... 2 The HIPAA
More information12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule
HIPAA More Important Than You Realize J. Ira Bedenbaugh Consulting Shareholder February 20, 2015 This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT 1. DEFINITIONS: 1.1 Undefined Terms: Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms defined by the Health Insurance Portability
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is effective ( Effective Date ) by and between ( Covered Entity ) and Egnyte, Inc. ( Egnyte or Business Associate ). RECITALS
More informationMedical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions
Medical Privacy Version 2015.12.10 - Standard Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the Lux Scientiae HIPAA Customer signee is a
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - Business Associates 10230
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - Business Associates 10230 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel & Compliance Policy Title:
More informationCREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy
CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE
More informationHEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES I. Overview / Definitions The Health Insurance Portability and Accountability Act is a federal law
More informationMaxMD 2200 Fletcher Ave. 5 th Floor Fort Lee, NJ (201) 963 0005 www.max.md www.mdemail.md support@max.md Page 1of 10
Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the MaxMD Customer signee is a Covered Entity or "HIPAA Business Associate," as defined below.
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ("Agreement") is made and is effective as of the date of electronic signature("effective Date") between Name of Organization ("Covered
More informationDisclaimer: Template Business Associate Agreement (45 C.F.R. 164.308)
HIPAA Business Associate Agreement Sample Notice Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) The information provided in this document does not constitute, and is no substitute
More informationHHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers
Compliance Tip Sheet National Hospice and Palliative Care Organization www.nhpco.org/regulatory HHS Issues New HITECH/HIPAA Rule: Implications for Hospice Providers Hospice Provider Compliance To Do List
More informationBuilding Trust and Confidence in Healthcare Information. How TrustNet Helps
Building Trust and Confidence in Healthcare Information The management of healthcare information in the United States is regulated under the HIPAA (Health Insurance Portability and Accountability Act)
More informationSAMPLE BUSINESS ASSOCIATE AGREEMENT
SAMPLE BUSINESS ASSOCIATE AGREEMENT This is a draft business associate agreement based on the template provided by HHS. It is not intended to be used as is and you should only use the agreement after you
More informationPlease print the attached document, sign and return to privacy@covermymeds.com or contact Erica Van Treese, Account Manager, Provider Relations &
Please print the attached document, sign and return to privacy@covermymeds.com or contact Erica Van Treese, Account Manager, Provider Relations & Solutions. Office: 866-452-5017, Fax: 615-379-2541, evantreese@covermymeds.com
More informationPlease Read. Apgar & Associates, LLC apgarandassoc.com P. O. Box 80278 Portland, OR 97280 503-384-2538 877-376-1981 503-384-2539 Fax
Please Read This business associate audit questionnaire is part of Apgar & Associates, LLC s healthcare compliance resources, Copyright 2014. This questionnaire should be viewed as a tool to aid in evaluating
More informationAdding Cloud Solutions to Customer Contracts Robert J. Scott
Adding Cloud Solutions to Customer Contracts Robert J. Scott MSP vs. Cloud Who owns the hardware? Where does the data reside? Dedicated vs. Multi tenant? Who contracts with 3 rd parties? How are services
More informationLong-Expected Omnibus HIPAA Rule Implements Significant Privacy and Security Regulations for Entities and Business Associates
Legal Update February 11, 2013 Long-Expected Omnibus HIPAA Rule Implements Significant Privacy and Security Regulations for Entities and Business Associates On January 17, 2013, the Department of Health
More informationHIPAA OMNIBUS RULE: EXPANDED COMPLIANCE REQUIREMENTS
HIPAA OMNIBUS RULE: EXPANDED COMPLIANCE REQUIREMENTS James J. Eischen, Jr., Esq. November 2013 San Diego, California JAMES J. EISCHEN, JR., ESQ. Partner at Higgs, Fletcher & Mack, LLP 26+ years of experience
More informationAGREEMENT. Solicitor Without Per Diem Compensation
Solicitor Without Per Diem Compensation AGREEMENT Products underwritten by: American General Life Insurance Company Houston, Texas The United States Life Insurance Company in the City of New York New York,
More informationNew HIPAA Breach Notification Rule: Know Your Responsibilities. Loudoun Medical Group Spring 2010
New HIPAA Breach Notification Rule: Know Your Responsibilities Loudoun Medical Group Spring 2010 Health Information Technology for Economic and Clinical Health Act (HITECH) As part of the Recovery Act,
More informationTitle Insurance and Settlement Company Best Practices. American Land Title Association
Title Insurance and Settlement Company Best Practices American Land Title Association Future of the Land Title Industry Working groups helping to identify steps to ensure the title industry continues to
More informationUpdated HIPAA Regulations What Optometrists Need to Know Now. HIPAA Overview
Updated HIPAA Regulations What Optometrists Need to Know Now The U.S. Department of Health & Human Services Office for Civil Rights recently released updated regulations regarding the Health Insurance
More informationBUSINESS ASSOCIATE AGREEMENT RECITALS
BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is entered into and made this day of, 201_, ( Effective Date ) by and among Interpra, Inc., S & S Health Products, Inc.
More informationMy Docs Online HIPAA Compliance
My Docs Online HIPAA Compliance Updated 10/02/2013 Using My Docs Online in a HIPAA compliant fashion depends on following proper usage guidelines, which can vary based on a particular use, but have several
More informationData Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm
Electronic Health Records: Data Security and Integrity of e-phi Worcester, MA Wednesday, 2:15pm 3:30pm Agenda Introduction Learning Objectives Overview of HIPAA HIPAA: Privacy and Security HIPAA: The Security
More informationWhite Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES
White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES CONTENTS Introduction 3 Brief Overview of HIPPA Final Omnibus Rule 3 Changes to the Definition of Business Associate
More informationUniversity Healthcare Physicians Compliance and Privacy Policy
Page 1 of 11 POLICY University Healthcare Physicians (UHP) will enter into business associate agreements in compliance with the provisions of the Health Insurance Portability and Accountability Act of
More informationTERMS OF USE. Last Updated: October 8, 2015
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org TERMS OF USE Last Updated: October 8, 2015 This Terms of Use Agreement (this "Agreement") is
More informationCovered California. Terms and Conditions of Use
Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products
More informationAre You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.
Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style March 27, 2013 www.mcguirewoods.com Introductions Holly Carnell McGuireWoods LLP
More informationBENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT
BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( Agreement ) dated as of the signature below, (the Effective Date ), is entered into by and between the signing organization
More informationAm I a Business Associate? Do I want to be a Business Associate? What are my obligations?
Am I a Business Associate? Do I want to be a Business Associate? What are my obligations? Brought to you by Winston & Strawn s Health Care Practice Group 2013 Winston & Strawn LLP Today s elunch Presenters
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT The parties to this ( Agreement ) are, a _New York_ corporation ( Business Associate ) and ( Client ) you, as a user of our on-line health record system (the "System"). BY
More informationModel Business Associate Agreement
Model Business Associate Agreement Instructions: The Texas Health Services Authority (THSA) has developed a model BAA for use between providers (Covered Entities) and HIEs (Business Associates). The model
More informationUnderstanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions
Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What
More informationThe Institute of Professional Practice, Inc. Business Associate Agreement
The Institute of Professional Practice, Inc. Business Associate Agreement This Business Associate Agreement ( Agreement ) effective on (the Effective Date ) is entered into by and between The Institute
More informationWelcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information
Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationYU General Guidelines for Use of Social Media
INTRODUCTION AND SCOPE General Guidelines for Use of Social Media Social media can be a valuable and powerful means of communication. Yeshiva University and its constituent schools (collectively, the University
More informationBusiness Associates, HITECH & the Omnibus HIPAA Final Rule
Business Associates, HITECH & the Omnibus HIPAA Final Rule HIPAA Omnibus Final Rule Changes Business Associates Marissa Gordon-Nguyen, JD, MPH Health Information Privacy Specialist Office for Civil Rights/HHS
More informationSaaS. Business Associate Agreement
SaaS Business Associate Agreement This Business Associate Agreement ( BA Agreement ) becomes effective pursuant to the terms of Section 5 of the End User Service Agreement ( EUSA ) between Customer ( Covered
More informationWelcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013
Welcome to ChiroCare s Fourth Annual Fall Business Summit October 3, 2013 HIPAA Compliance Regulatory Overview & Implementation Tips for Providers Agenda Green packet Overview of general HIPAA terms and
More informationBusiness Associate Agreement
This Business Associate Agreement Is Related To and a Part of the Following Underlying Agreement: Effective Date of Underlying Agreement: Vendor: Business Associate Agreement This Business Associate Agreement
More informationOverview of the HIPAA Security Rule
Office of the Secretary Office for Civil Rights () Overview of the HIPAA Security Rule Office for Civil Rights Region IX Alicia Cornish, EOS Sheila Fischer, Supervisory EOS Topics Upon completion of this
More informationDRAFT BUSINESS ASSOCIATES AGREEMENT
DRAFT BUSINESS ASSOCIATES AGREEMENT THIS AGREEMENT is made this day of, 20, by and among, a Corporation organized under the laws of the State of (hereinafter known as "Covered Entity") and organized under
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement is effective September 1, 2013 and made between Community Health Solutions of America, Inc., a Florida corporation ( CHS ) and ( Company ).
More informationGUIDANCE FOR MANAGING THIRD-PARTY RISK
GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,
More informationBUSINESS ASSOCIATE AGREEMENT Tribal Contract
DEPARTMENT OF HEALTH SERVICES Division of Enterprise Services F-00714 (08/2013) STATE OF WISCONSIN BUSINESS ASSOCIATE AGREEMENT Tribal Contract This Business Associate Agreement is made between the Wisconsin
More informationSTATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM
STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM BETWEEN The Division of Health Care Financing and Policy Herein after referred to as the Covered Entity and (Enter Business
More informationKeeping a Finger on the Pulse of Social Media in Healthcare: Understanding Evolving Roles and Risks
Keeping a Finger on the Pulse of Social Media in Healthcare: Understanding Evolving Roles and Risks Viviane Jesequel, RN, BS, HCRM Social media is simply a broad umbrella term that covers a wide range
More informationCATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT
CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (Agreement) is made this day of, 20, between the Catholic Social Services ( CSS ), whose business address is 3710
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the BAA ) is made and entered into as of the day of, 20, by and between Delta Dental of California (the Covered Entity ) and (the Business
More informationThe HITECH Act: Implications to HIPAA Covered Entities and Business Associates. Linn F. Freedman, Esq.
The HITECH Act: Implications to HIPAA Covered Entities and Business Associates Linn F. Freedman, Esq. Introduction and Overview On February 17, 2009, President Obama signed P.L. 111-05, the American Recovery
More informationA s a covered entity or business associate, you have
Health IT Law & Industry Report VOL. 7, NO. 19 MAY 11, 2015 Reproduced with permission from Health IT Law & Industry Report, 07 HITR, 5/11/15. Copyright 2015 by The Bureau of National Affairs, Inc. (800-372-1033)
More informationSample Business Associate Agreement (4. Other Bus. Assoc., Version 6-06-05)
Sample Business Associate Agreement (4. Other Bus. Assoc., Version 6-06-05) This Business Associate Agreement (the Agreement ) is entered into as of, 20, (the Effective Date ) by and between, (the Covered
More informationWellDyneRxWEST Customer (TPA, Broker, Consultant, Group Health Plan, and other).
WellDyneRxWEST Customer (TPA, Broker, Consultant, Group Health Plan, and other). RE: HIPAA Business Associate Agreement Effective 4/14/04 Business Associate: WellDyneRxWEST, Inc., a Colorado Corporation
More informationCMA BUSINESS ASSOCIATE AGREEMENT WITH CMA MEMBERS
CMA BUSINESS ASSOCIATE AGREEMENT WITH CMA MEMBERS Dear Physician Member: Thank you for contacting the California Medical Association and thank you for your membership. In order to advocate on your behalf,
More informationOCR UPDATE Breach Notification Rule & Business Associates (BA)
OCR UPDATE Breach Notification Rule & Business Associates (BA) Alicia Galan Supervisory Equal Opportunity Specialist March 7, 2014 HITECH OMNIBUS A Reminder of What s Included: Final Modifications of the
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT 1. The terms and conditions of this document entitled Business Associate Agreement ( Business Associate Agreement ), shall be attached to and incorporated by reference in the
More informationHIPAA Violations Incur Multi-Million Dollar Penalties
HIPAA Violations Incur Multi-Million Dollar Penalties Whitepaper HIPAA Violations Incur Multi-Million Dollar Penalties Have you noticed how many expensive Health Insurance Portability and Accountability
More informationThis form may not be modified without prior approval from the Department of Justice.
This form may not be modified without prior approval from the Department of Justice. Delete this header in execution (signature) version of agreement. HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate
More informationHIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN. Stewart C. Miller & Co., Inc. (Business Associate) AND
HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN Stewart C. Miller & Co., Inc. (Business Associate) AND City of West Lafayette Flexible Spending Plan (Covered Entity) TABLE OF CONTENTS
More informationWhat Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act
What Health Care Entities Need to Know about HIPAA and the American Recovery and Reinvestment Act by Lane W. Staines and Cheri D. Green On February 17, 2009, The American Recovery and Reinvestment Act
More informationBusiness Associate Agreement Involving the Access to Protected Health Information
School/Unit: Rowan University School of Osteopathic Medicine Vendor: Business Associate Agreement Involving the Access to Protected Health Information This Business Associate Agreement ( BAA ) is entered
More informationIowa County Government Social Media Use Policy
Iowa County Government Social Media Use Policy This policy outlines appropriate use of social media, as it relates to Iowa County, by employees and departments for official and personal use. This policy
More informationVMware vcloud Air HIPAA Matrix
goes to great lengths to ensure the security and availability of vcloud Air services. In this effort VMware has completed an independent third party examination of vcloud Air against applicable regulatory
More informationHIPAA and Mental Health Privacy:
HIPAA and Mental Health Privacy: What Social Workers Need to Know Presenter: Sherri Morgan, JD, MSW Associate Counsel, NASW Legal Defense Fund and Office of Ethics & Professional Review 2010 National Association
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) between Inphonite, LLC ( Business Associate and you, as our Customer ( Covered Entity ) (each individually, a Party, and collectively,
More informationHealthcare Payment Processing: Managing Data Security and Privacy Risks
Moderator: Linda A. Malek Chair, Healthcare Moses & Singer LLP Healthcare Payment Processing: Managing Data Security and Privacy Risks Thursday, September 13, 2012 Panelists: Beth L. Rubin Senior Counsel
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Agreement ( Agreement ) is made and entered into this day of [Month], [Year] by and between [Business Name] ( Covered Entity ), [Type of Entity], whose business address
More informationAVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE
AVE MARIA UNIVERSITY HIPAA PRIVACY NOTICE This Notice of Privacy Practices describes the legal obligations of Ave Maria University, Inc. (the plan ) and your legal rights regarding your protected health
More informationBusiness Associate Agreement (BAA) Guidance
Business Associate Agreement (BAA) Guidance Introduction The purpose of this document is to provide guidance for creating or updating business associate agreements between your Practice ( Covered Entity
More informationBUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM RECITALS
BUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM This Business Associate Addendum ( Addendum ), effective, 20 ( Effective Date ), is entered into by and between University of Southern California, ( University
More informationChris Bennington, Esq., INCompliance Consulting Shannon DeBra, Esq., Bricker & Eckler LLP Victoria Norton, R.N., J.D., M.B.A.
Chris Bennington, Esq., INCompliance Consulting Shannon DeBra, Esq., Bricker & Eckler LLP Victoria Norton, R.N., J.D., M.B.A., UC Health 7093020v1 Examples from the News Review of HIPAA Breach Regulations
More informationwhat your business needs to do about the new HIPAA rules
what your business needs to do about the new HIPAA rules Whether you are an employer that provides health insurance for your employees, a business in the growing health care industry, or a hospital or
More informationHIPAA Compliance: Are you prepared for the new regulatory changes?
HIPAA Compliance: Are you prepared for the new regulatory changes? Baker Tilly CARIS Innovation, Inc. April 30, 2013 Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed
More informationBusiness Associates Agreement
Business Associates Agreement This Business Associate Agreement (the Agreement ) between Customer,( Covered Entity ) and Kareo ( Business Associate ) will be in effect during any such time period that
More informationHIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist. www.riskwatch.com
HIPAA Omnibus & HITECH Rules: Key Provisions and a Simple Checklist www.riskwatch.com Introduction Last year, the federal government published its long awaited final regulations implementing the Health
More informationBusiness Associate Agreement
Business Associate Agreement This Business Associate Agreement (the Agreement ) is made by and between Business Associate, [Name of Business Associate], and Covered Entity, The Connecticut Center for Health,
More informationData Privacy: What your nonprofit needs to know. Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015
Data Privacy: What your nonprofit needs to know Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015 Overview 2 Data privacy versus data security Privacy polices and best practices Data security
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is by and between ( Covered Entity ) and Xelex Digital, LLC ( Business Associate ), and is effective as of. WHEREAS,
More information