Before you outsource any of your organization’s functions to a third party, you need to do your research. Will the vendor handle PHI on behalf of your organization? If so, they’re a business associate (BA). Then conduct due diligence to be sure you can trust the...
In the last blog, you used a Business Associate Decision Tree to find if your vendors are business associates (BAs) under HIPAA. But good vendor management begins before you enter a contract with a third party. Before hiring a vendor, you must exercise due diligence....
Administrative Safeguards Physical Safeguards Technical Safeguards The Security Rule defines administrative safeguards as “administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures...
Updated May 28, 2019 Thousands of patient records breached. Millions of dollars in fines following nightmarish lawsuits. The news is full of harrowing stories of healthcare organizations caught in HIPAA violations, exposing sensitive patient data, and worse. Maybe you...
After a breach, one of your top priorities is to mail a breach notification letter to everyone whose protected health information (PHI) was compromised. But how do you write a HIPAA breach notification letter? The Breach Notification Rule requires you to write your...