If a covered entity engages a business associate to help it carry out its health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes specifically what the business associate has been engaged to do and requires the business associate to comply with the Rules’ requirements to protect the privacy and security of protected health information.
“From the extension of the HIPAA rules to business associates, the regulatory environment, and the concern and increase of healthcare related security breaches, the overall risks and exposure are significant for business associates.”
Schellman provides you with a detailed testing approach, based on the OCR protocol for the HIPAA security and privacy safeguards as well as the HITECH breach notification requirements and an exclusive team with extensive technology risk and healthcare audit expirence.
Our Schellman teams have experience performing hundreds of healthcare audits and attestations.
We’re here to answer any questions.