HHS Office of Civil Rights Enforcement Efforts Targets Business Associates

HHS Office of Civil Rights Enforcement Efforts Targets Business Associates

According to an article in Modern Healthcare (3/21, Conn, Subscription Publication), the Department of Health and Human Services (HHS) Office for Civil Rights is changing its privacy and security auditing process per the American Recovery and Reinvestment Act of 2009’s health IT rules.  The revised enforcement process, “will target the business associates of healthcare providers, insurers and other HIPAA-covered entities along with the entities themselves.”

Beyond expanding the scope of privacy and security provisions, the 2009 stimulus bill required that HHS conduct compliance audits, and “placed the businesses that do data handling, processing and analysis in healthcare on the same legal footing as the hospitals, physicians, insurance companies and claims clearinghouses they work for.” For this reason, business associates should ensure that they have the appropriate HIPAA Privacy and Security policies and procedures that provide the requisite administrative, physical, and technical safeguards for the PHI that they use, access, or disclose. In the event of a breach, business associates of a covered entity will be subject to the same enforcement related penalties as covered entities.

CPB : Online Medical Billing Course

2017-code-book-bundles-728x90-01

Michael Miscoe

Michael Miscoe

Mr. Miscoe, JD, CPC, CASCC, CUC, CCPC, CPCO, CPMA has over 20 years of experience in healthcare coding and over sixteen years as a compliance expert, forensic coding expert and consultant. He has provided expert analysis and testimony on a wide range of coding and compliance issues in civil and criminal cases and his law practice concentrates exclusively on representation of healthcare providers in post-payment audits as well as with responding to HIPAA OCR issues. He has an extensive national speaking background and has been published in numerous national publications on a variety of coding, compliance and health law topics.
Michael Miscoe

About Has 30 Posts

Mr. Miscoe, JD, CPC, CASCC, CUC, CCPC, CPCO, CPMA has over 20 years of experience in healthcare coding and over sixteen years as a compliance expert, forensic coding expert and consultant. He has provided expert analysis and testimony on a wide range of coding and compliance issues in civil and criminal cases and his law practice concentrates exclusively on representation of healthcare providers in post-payment audits as well as with responding to HIPAA OCR issues. He has an extensive national speaking background and has been published in numerous national publications on a variety of coding, compliance and health law topics.

One Response to “HHS Office of Civil Rights Enforcement Efforts Targets Business Associates”

  1. C. C. Henry says:

    it is reasonable and ethical that All authorized responsible parties/employees of a medical practices, hospitals and other health care related facilities should be held accountable for the security and privacy of PHI and EPHI…

Leave a Reply

Your email address will not be published. Required fields are marked *