Health Information Compliance Alert
Do BAs Need To Have HIPAA NPPs?
PDF
Question: Does a business associate (BA) need to have a HIPAA Notice of Privacy Practices (NPP)?
Answer: BAs don’t necessarily need to have a HIPAA NPP, answers Jim Sheldon-Dean, founder and director of compliance services for Lewis Creek Systems, LLC in Charlotte, VT. But BAs may be responsible for participating in and maintaining an NPP if they are providing those kinds of front line services for their covered entity (CE).
Meaning: If the CE hires the BA to manage the front desk and/or sign up new patients or gather contact information, the BA may be responsible for managing that NPP and distributing the NPP to the patients, Sheldon-Dean says. But BAs wouldn’t have an NPP of their own for their own operations.
Health Information Compliance Alert
- Case Study:
Watch Out For Sophisticated Malware Breaching Your Systems From Overseas
Pay attention: Massive breach teaches you four crucial lessons. The latest HIPAA breach is the [...] - EHRs:
Meaningful Use: Get Your 2014 CEHRT Now
Good news: You’re getting another year for Stage 3 compliance. If you’re not already using [...] - Ask Yourself 5 Questions To Gauge Your Breach Vulnerabilities
Tip: Look for all opportunities to encrypt PHI in your organization. Although many industry experts [...] - Reader Question:
What's The Biggest HIPAA Issue For EHR Implementation?
Question: What is the biggest issue you’ve seen with HIPAA and the electronic health record (EHR) [...] - Reader Question:
Does Breach Of Single Person's PHI Require Notification?
Question: What must we do in terms of breach notification if we mail a statement [...] - Enforcement News:
How Data Breach Settlement Sets 'Unfortunate Precedent'
Plus: How your BAs can get you into a big breach mess. Forget a class [...] - Reader Question:
Do BAs Need To Have HIPAA NPPs?
Question: Does a business associate (BA) need to have a HIPAA Notice of Privacy Practices (NPP)? [...]