Reader Question:
Don't Forget BAs Are Liable for HIPAA Breaches, Too
Published on Fri Dec 06, 2019
Question: We know that our practice must comply with the HIPAA Breach Notification Rule and notify the impacted individuals if there’s a breach. Are our business associates (BAs) liable, too, or are they off the hook when it comes to notifying? Codify Subscriber Answer: BAs, just like CEs, “have the burden of demonstrating that all required notifications have been provided or that [...]