Wednesday, 8 January 2014

How the Channel Exception Affects the HIPAA Liability of Cloud Service Providers

The HIPAA regulatory board of US government had made it compulsory for hospitals, clinics, & other healthcare related service providers to take-up documenting the patient record in electronic format.After this announcement most of the healthcare related vendors want to participate in it especially the online service providers including transaction processing, enterprise resource planning, data storage, voice services faxing, etc.
But still there are many healthcare vendors who have adopted a policy to not sign a Business Associate Agreement (BAA) because they lack the basic legal knowledge to understand the associated liability. Yes this is bit complicated because some cloud services do not require a Business Associate Agreement as they do not have access to patient’s electronic record, but rather acted as a "pipeline" or temporary vessel for the data.Other vendors who claim compliance and offer BAAs as evidence of compliance, in reality they may not fully understand their services' role in healthcare providers overall practices and procedures.
\
 HIPAA Training

This roundtable discussion brings together vendors and HIPAA compliance experts to offer some clarity to the role of BAAs, the applicability of the Conduit Exception, and how all parties involved can take a strategic approach to documenting and validating their adherence to HIPAA.

About Supremus Group LLC
http://www.training-hipaa.net, a Supremus Group LLC, has served more than 3000 clients. The company provides HIPAA compliance tools which include templates for HIPAA security policies, HIPAA privacy policies, HIPAA contingency plan HIPAA security risk analysis, and HIPAA security audits. We also offer HIPAA compliance consulting.
We also offer comprehensive HIPAA training for covered entities and business associates which have been updated to reflect HITECH & meaningful use requirements and Omnibus rule. After course completion, participants may obtain one of the following HIPAA certifications: CHPA (Certified HIPAA Privacy Associate), CHPE (Certified HIPAA Privacy Expert), CHSE (Certified HIPAA Security Expert), and CHPSE (Certified HIPAA Privacy Security Expert).


No comments:

Post a Comment