With Eyes Wide Open: How to Manage Vendor Compliance Liability

manage vendor compliance liability

Ever feel like your efforts to avoid compliance liability just turned into a game of hot potato? Is it a vendor responsibility (business associate or other third party) or yours? Consider cloud service providers (CSPs) as an example. Maintaining HIPAA compliance brings unique challenges to anyone working in or with the cloud. Don’t assume your … Read more

Are Business Associates Taking the Hit for CEs?

HIPAA and business associates

Looks like it could be a thing. All business associates (BAs), from super small, like small agency web hosting companies or medical transcriptionists, to large TPAs or data aggregation services, need to pay attention.  The recent settlement of Jelly Bean Communications LLC with the Department of Justice – yes, you read that right, the DOJ … Read more

Migrating to a Cloud Service: Is your BAA in place?

In a recent LinkedIn discussion between colleagues in our HIPAA Survival Guide group, a member posed an interesting question that probably doesn’t usually garner much attention in the general scheme of things when upgrading technology: If a company is a HIPAA Covered Entity and is migrating to Microsoft Office 365 (which is a cloud-based solution) … Read more

Never mind Big Brother, OCR is watching! HIPAA Enforcement Developments

It was a busy 2014 for the Office for Civil Rights (OCR). OCR entered into several resolution agreements and corrective action plans last year. Pay attention to the enforcement trend Covered entities (CE) and business associates (BA)! No matter how large or small, OCR is taking aim at CEs and likely soon BAs when it … Read more