The new amendment to HIPAA Privacy andSecurity rule recently passed by Health Information Technology for Economic andClinical Health Act (HITECH Act)

Business associateis an individual, group or an organization which participates or performs someactivities on behalf of the Covered Entity in a capacity as a business partnerand is not member of the workforce of the Covered Entity.  The Privacy Rule lists some of the functionsor activities, as well as the particular services, which makes a person or entityBusiness Associate, if the activity or service involves the use or disclosureof protected health information. The types of functions or activities that maymake a person or entity a business associate includes payment or health careoperations activities, as well as other functions or activities regulated bythe Administrative Simplification Rules.

The new amendment toHIPAA Privacy and Security rule recently passed by Health InformationTechnology for Economic and Clinical Health Act (HITECH Act) and which cameinto effect from February 17, 2010 makes it mandatory for all the Coveredentities to revise their Business Associate Contract. This has increased thescope of the law as more entities are obliged to follow the HIPAA compliancenorms. At same time the amendment adds more responsibilities on the existingBusiness Associates.

The Covered Entitiesand their existing Business Associates now have to re-negotiate their existing contractsto achieve HIPAA compliance. The Business Associates now on, have to take adoptadditional procedures to completely fulfill the physical, administrative,technical and documentation requirements of the rule. The amendment makes itmandatory for the Business Associate to report loss of unsecured data to theindividual patients and/or the public media,depending upon scale of theviolation.

The new regulatoryrequirements make it necessary for the Business Associate to thoroughly carryout the risk analysis for their systems and infrastructure to know the existentloopholes in the security. The next step is to develop appropriate policy whicheffectively removes the security loopholes by incorporating technical securitymeasures like email encryption, user account management, auditing and a properdisaster backup plan.

Henceforth theBusiness Associate will also play a more responsible and active role in securemanagement of the patient health information, which earlier, before thisamendment, was sole responsibility of the Covered Entity.

Business Associateplays important role in preserving the privacy of the patient healthinformation.

About emPower

emPower is a leading provider of comprehensiveHealthcare Compliance Solutions through Learning management system (LMS). Ourmission is to provide innovative security solutions to enable compliance withapplicable laws and regulations and maximize business performance. We providerange of courses to manage compliance required by regulatory bodies such asOSHA, HIPAA, Joint commission and Red Flag Rule etc. Apart from this emPoweralso offers custom demos and tutorials for your website, business processmanagement and software implementation.

Our Learning Management system (LMS) allows students to retrieve all thecourses 24/7/365 by accessing our portal. emPower e-learning training programis an interactive mode of learning that guides students to progress at theirown pace.

For additional information, please visit http://www.empowerbpo.com/   

Media Contact
Jason Gaya
jasongaya@empowerbpo.com

emPower
12806 Townepark Way
Louisville, KY 40243-2311
Ph: 502-400-9374
http://www.empowerbpo.com
http://store.empowerbpo.com/