The HIPAA business associate agreement (BAA) lays out your business associate’s obligations to protect your data. The previous blog gave an overview of BAAs. Let’s hone in on six important BAA provisions: Permissible uses and disclosures of protected...
Administrative Safeguards Physical Safeguards Technical Safeguards The Security Rule defines administrative safeguards as “administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures...
As a company that handles protected health information (PHI), HIPAA requires you to analyze how you manage risks to your PHI. This is known as a security risk analysis (SRA). The U.S. Department of Health and Human Services says risk analyses are vital to HIPAA...
A security risk analysis is a vital part of the risk management process. According to the HIPAA Security Rule, all HIPAA-covered organizations must conduct them. This analysis helps your organization prevent, detect, contain, and correct security violations. However,...