Business associates provide many important services that support the business of the covered entity. These services include transcription, claim processing, laboratory tests, radiology, system administration, data hosting, etc., and they make it possible for small organizations in particular to offer full-service support to patients. Such services can require us to permit access to critical systems that hold patient information, or, in some cases, transfer patient data to a third party for processing and retention. When we engage with these business associates, we need to ensure that sound practices are in place for managing the risk involved.
Read the full article here: http://www.physbiztech.com/blog/reducing-risk-improving-vendor-management