HHS Office of Civil Rights Enforcement Efforts Targets Business Associates

  • By
  • In AAPC News
  • March 31, 2016
  • Comments Off on HHS Office of Civil Rights Enforcement Efforts Targets Business Associates
HHS Office of Civil Rights Enforcement Efforts Targets Business Associates

According to an article in Modern Healthcare (3/21, Conn, Subscription Publication), the Department of Health and Human Services (HHS) Office for Civil Rights is changing its privacy and security auditing process per the American Recovery and Reinvestment Act of 2009’s health IT rules.  The revised enforcement process, “will target the business associates of healthcare providers, insurers and other HIPAA-covered entities along with the entities themselves.”
Beyond expanding the scope of privacy and security provisions, the 2009 stimulus bill required that HHS conduct compliance audits, and “placed the businesses that do data handling, processing and analysis in healthcare on the same legal footing as the hospitals, physicians, insurance companies and claims clearinghouses they work for.” For this reason, business associates should ensure that they have the appropriate HIPAA Privacy and Security policies and procedures that provide the requisite administrative, physical, and technical safeguards for the PHI that they use, access, or disclose. In the event of a breach, business associates of a covered entity will be subject to the same enforcement related penalties as covered entities.

CPB : Online Medical Billing Course

Michael Miscoe
Latest posts by Michael Miscoe (see all)

About Has 54 Posts

Mr. Miscoe, JD, CPC, CASCC, CUC, CCPC, CPCO, CPMA has over 20 years of experience in healthcare coding and over sixteen years as a compliance expert, forensic coding expert and consultant. He has provided expert analysis and testimony on a wide range of coding and compliance issues in civil and criminal cases and his law practice concentrates exclusively on representation of healthcare providers in post-payment audits as well as with responding to HIPAA OCR issues. He has an extensive national speaking background and has been published in numerous national publications on a variety of coding, compliance and health law topics.

No Responses to “HHS Office of Civil Rights Enforcement Efforts Targets Business Associates”

  1. C. C. Henry says:

    it is reasonable and ethical that All authorized responsible parties/employees of a medical practices, hospitals and other health care related facilities should be held accountable for the security and privacy of PHI and EPHI…