Report to OCR and CMS Says Reliance on BA Agreements is Not Enough Healthcare, like many other industries, allows offshore outsourcing of information technology help desk functions, healthcare claims processing and medical transcription services. However, organizations that are considering the offshoring of health information should consider the liability associated with managing business agreements meant to provide satisfactory assurance that patient information is protected against unauthorized use or disclosure.
The third anniversary of the release by the Department of Health and Human Services (“HHS”) proposed regulations implementing changes to the accounting of disclosures provisions under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) has passed without much notice. The proposed regulations arose from requirements in the Health Information Technology for Economic and Clinical Health Act (“HITECH”), passed as part of the American Recovery and Reinvestment Act of 2009.
New HIPAA Security Risk Assessment Tool Is Designed For Small Providers & Business Associates A new security risk assessment (SRA) tool has been developed by the Department of Health & Human Services Office of the National Coordinator for Health IT (ONC) and the Office for Civil Rights (OCR). The tool is designed to help small and medium size health providers and business associates practices conduct and document a risk assessment in a thorough, organized fashion at their