HIPAA Compliance for Business Associates

Interview with attorney Tanya Forsheit on proposed HIPAA modificationsBusiness associates face a major new obligation under proposed modifications to the HIPAA privacy, security and enforcement rules, says attorney Tanya Forsheit.

In an exclusive interview, Forsheit explains how the proposal would require business associates to enter formal agreements with their subcontractors covering HIPAA compliance. Regulators clearly are "looking to push accountability for compliance down the chain" to help ensure patient information is protected, she adds.

Forsheit also:

  • Describes how more companies would be defined as business associates under the proposal. Business associates are firms that serve hospitals, clinics, insurers and other "covered entities" and have access to protected health information.
  • Provides guidance on the new details that should be included in all business associate agreements. This includes spelling out that associates must report breaches promptly to covered entities and must take specific steps to ensure their subcontractors are HIPAA compliant.

Forsheit is founding partner at Information Law Group.. She founded the firm after 12 years as a litigator and privacy/data security counselor at Proskauer Rose LLP, where, most recently, she was co-chair of the firm's international privacy and data security practice group. Certified as an information privacy professional by the International Association of Privacy Professionals, Forsheit works with clients to address legal requirements and best practices for protection of customer and employee information.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.