are you having hipaa anxiety?
With the HITECH Act of 2009, practices are required to take the following immediate actions:
- perform a Risk Analysis
- collect all Business Associate Agreements
- designate a Security and Privacy Official
- apply Administrative, Technical and Physical Safeguards
- and more...
Not sure where you stand on the above items? Contact us today and we will help you start the process.
In order to understand the steps to take towards compliance, you need to be aware of the lingo being used. Below are just a few examples of terms that will be used when discussing HIPAA.
- Covered Entity Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards. Generally, these transactions concern billing and payment for services or insurance coverage. For example, hospitals, academic medical centers, physicians, and other health care providers who electronically transmit claims transaction information directly or through an intermediary to a health plan are covered entities. Covered entities can be institutions, organizations, or persons.
- Business Associate A person or entity who, on behalf of a covered entity, performs or assists in performance of a function or activity involving the use or disclosure of individually identifiable health information, such as data analysis, claims processing or administration, utilization review, and quality assurance reviews, or any other function or activity regulated by the HIPAA Administrative Simplification Rules, including the Privacy Rule. Business associates are also persons or entities performing legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services to or for a covered entity where performing those services involves disclosure of individually identifiable health information by the covered entity or another business associate of the covered entity to that person or entity.
- Business Associate Agreement A contract between a Covered Entity and and Business Associate. The contract protects personal health information in accordance with HIPAA guidelines.
Note: HIPAA guidelines require every Covered Entity to have a Business Associate Agreement in place by September 23, 2013.
HIPAA Requirement: Risk Assessment/ Analysis
MedSafe is a strategic partner offering a single source, affordable compliance solution. MedSafe combines on-site assessments with online policies/procedures and training programs to ensure that our clients remain compliant with OSHA, HIPAA/HITECH, Corporate Compliance, Billing and Coding, and other safety and accreditation programs.