Under the Health Insurance Portability and Accountability Act (HIPAA), there are a number of rules and regulations that must be followed to ensure that a covered entity’s Protected Health Information (PHI) remains private and only accessible to those with permissions. The Department of Health and Human Services (HHS) actively enforces these rules and it is important to remain compliant to avoid any fines. A business associate is considered an entity who performs actions on behalf of a covered entity and it may involve access to or use of PHI. These business associates in particular are being addressed by the HHS’ Office for Civil Rights (OCR) as they provide a more explicit explanation of what could be considered a HIPAA violation.
Contact your Cowden representative for more information on this or other compliance issues.