About this guide:
The purpose of this fact sheet is to provide a clear compilation of all provisions through which a Business Associate can be held directly liable for compliance with certain requirements of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (“HIPAA Rules”), in accordance with the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.
Direct Liability of Business Associates
Covered Entities and Business Associates
Who are Covered Entities