The HIPAA Omnibus Rule, which will be enforced beginning in September, makes it crystal clear that business associates and their subcontractors that receive, create, transmit or maintain protected health information are now directly responsible for HIPAA compliance.
What specific security steps do business associates that provide services to healthcare organizations need to take in light of the HIPAA Omnibus Rule and the looming compliance deadline?
Join us for this exclusive session, tailor-made for business associates, where you'll gain insights on:
The most critical components of HIPAA compliance;
How to conduct a risk assessment and rapidly build a plan for compliance;
How to comply with the revamped breach notification guidance.
The HIPAA Omnibus Rule greatly clarifies what constitutes a business associate relationship. It also specifies the privacy and security responsibilities for business associates as well as their subcontractors.
So how should companies go about determining whether they, indeed, meet the new definition of a business associate? And what's the best way to launch an effort to comply with the rule's requirements by the September deadline?
In this session, Mac McMillan, a leading data security and compliance expert, will explain precisely what the HIPAA Omnibus Rule means for business associates. He'll outline why it's essential to conduct a risk analysis as soon as possible, offer helpful tips and discuss why BAs need to work closely with their subcontractors on compliance issues.
He'll also describe how to:
Comply with the HIPAA rules applicable for BAs;
Determine what's needed in business associate agreements;
Make notifications to covered entities in case of a breach and comply with new breach notification guidance;
Disclose PHI to federal regulators conducting a compliance review or investigation;
McMillan is co-founder and CEO of CynergisTek Inc., a firm specializing in information security and regulatory compliance. He has more than 30 years of federal and private sector experience in managing and delivering information security services and is chair of the HIMSS Privacy and Security Steering Committee.