Podcasts about business associate agreement

Welcome solo and group practice owners! We are Liath Dalton and Evan Dumas, your co-hosts of Group Practice Tech. In our latest episode, we dive into what group practice owners need to know about encrypted messaging apps.  We discuss: Encrypted messaging apps in the news What end to end encryption means What to look for in an encrypted messaging service Why a Business Associate Agreement is necessary The difference in risk landscape for mental health therapists and government officials Safeguards, like device security measures, to take when using secure messaging apps Listen here: https://personcenteredtech.com/group/podcast/ For more, visit our website. PCT Resources CE course: Smooth and Secure Use of Phone, Text, Email, and Video to Meet Modern Clients Where They Are: Legal-Ethical and Real-World Considerations Article: Even Though They Have a Right Under HIPAA To Unencrypted Emails: A Case For Only Using Secure Email and Texting With Clients Article: Texting and HIPAA Compliant Practice Article: How Do You Document Emails and Text Messages Received From Clients? HIPAA-Appropriateness Review of Signal HIPAA-Appropriateness Reviews of Secure Messaging platforms Group Practice Care Premium weekly (live & recorded) direct support & consultation service, Group Practice Office Hours -- including monthly session with therapist attorney Eric Ström, JD PhD LMHC + assignable staff HIPAA Security Awareness: Bring Your Own Device training + access to Device Security Center with step-by-step device-specific tutorials & registration forms for securing and documenting all personally owned & practice-provided devices (for *all* team members at no per-person cost) + assignable staff HIPAA Security Awareness: Remote Workspaces training for all team members + access to Remote Workspace Center with step-by-step tutorials & registration forms for securing and documenting Remote Workspaces (for *all* team members at no per-person cost) + more

In this episode of "Insurance Business Babes," hosts Joanna Wyckoff, and Kathe Kline talk with Keith Nabb, delving into the critical aspects of succession planning for insurance professionals. They emphasize the importance of treating an insurance business like a business by investing in tools like CRM and assistants, the significance of maintaining separate bank accounts for commissions, and the necessity of an estate plan and trust to save on probate costs. The discussion covers securing sensitive information through tools like LastPass and setting up essential legal documents through reasonably priced templates offered on their website. Using real-life examples, they underscore the importance of proper business valuation, client retention, and having a succession squad to ensure a smooth transition in case of unforeseen circumstances. The discussion also touches on the personal side of succession planning, including the care of pets and managing an agency structure for continuity and legal protection.

In this episode, attorney Arohi Kashyap uncovers the high privacy standards that come with working in the healthcare industry using a Business Associate Agreement. This contract passes requirements of the United States HIPAA regulations on to companies engaged by hospitals, doctors, and other healthcare institutions. Kashyap details: Basics of a Business Associate Agreement, including when it is needed; Key procedures for protecting private healthcare information; and Standards for managing data breach incidents. Find the original contract here: https://humanservices.arkansas.gov/wp-content/uploads/Attachment-D-Business-Associate-Agreement-BAA.pdf

**In this Episode of the Becoming a Badass Pharmacy Owner Podcast; Dr. Lisa Faast with guest Jeff Hedges will talk about fraud, waste and abuse for pharmacy compliance** **Show Notes:** 1. **RJ Hedges Intro** [2:00] 2. **Becoming An Expert** [3:11] 3. **Documentation** [6:54] 4. **Legal Posters** [9:34] 5. **Conflict Of Interest** [11:36] 6. **Filing Report** [14:25] 7. **Penalties** [16:25] 8. **Business Associate Agreement** [20:02] 9. **Contact Info** [24:25] Websites Mentioned: RJ Hedges: https://www.rjhedges.com/ Contact Info Email: sales@rjhedges.com Phone Number: 724-357-8380 ----- #### **Becoming a Badass Pharmacy Owner Podcast is a Proud to be Apart of the Pharmacy Podcast Network**

The HIPAA regulations require that covered entities enter into agreements with business associates who provide certain services for the covered entity involving the receipt, use, or disclosure of protected health information. In working with hospices throughout the years, we have found that many hospices have business associate agreements with nursing homes, vendors, and other providers where a business associate agreement is not required because neither party is actually a business associate of the other. In this episode, Husch Blackwell's Meg Pekarske and Andrew Brenton discuss when a business associate agreement is and is not required, so that hospices can confidently comply with the law while focusing on what matters most: delivering high-quality end-of-life care.

Host Catherine Short welcomes Rachel V. Rose, JD, MBA, on the topic of “A Business Associate Agreement? Tell Me More!” Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen

1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.

1st Talk Compliance features guest Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “A Business Associate Agreement? Tell Me More!” Rachel joins our host Catherine Short to discuss how Business Associate Agreements (BAA) are not new; however, some individuals are new to healthcare and others never understood what a BAA is exactly. A BAA is a contract that fundamentally gives assurances that the parties are complying with the Security Rule and Privacy Rule, setting parameters in the event of a reportable security incident or a breach, and states how the sensitive data will be returned and destroyed at the end of the relationship. This presentation not only seeks to dispel myths about why certain language is prevalent in nearly all BAAs, but also provides insight into other provisions, and items for consideration, in light of the 21st Century Cures Act.

This episode features Andrea Lee Linna, Partner at McGuireWoods, LLP. She rejoins the podcast today to talk about the FTC charging Twitter with deceptively using account security data to sell targeted ads & how that relates to healthcare, more information coming out about when a Business Associate Agreement is needed for HIPAA compliance, and more.

When you run a private medical practice, you're invariably going to need services and vendors outside of your practice.   What you need to know is that any person or organization that you hire to handle, use, distribute, or access protected health information is a Business Associate (BA) and that you need to have a Business Associate Agreement (BAA.) You need to have a Business Associate Agreement in place before you share protected health information.  The goal behind the Business Associate Agreement is to acknowledge that both parties are obligated to follow federal HIPAA regulations and to protect both parties in the event of a breach.According to HHS, the Business Associate Agreement must: Describe the permitted and required protected health information uses by the Business Associate and /or their subcontractorsState that the Business Associate and their Subcontractors will not use or further disclose protected health information beyond what is  permitted or required by the contract or as required by law;And require the Business Associate and their Subcontractors to use appropriate safeguards to prevent inappropriate protected health information use or disclosureA Business Associate Subcontractor is a person or entity to that the BA delegates to perform a function, activity or service.  Contractors and Confidentiality AgreementsYour employees, independent contractors who work exclusively for your company or a sole proprietor with other clients are not BAs. In this case your practice is solely responsible if someone breaches protected health information. One way to address this from a compliance perspective is to have your employees and independent contractors sign a confidentiality agreement.  The confidentiality agreements should:Clarify the type of information the agreement covers.Describe what type of information cannot be copied, downloaded or modified. As an aside, this is a very common source of a HIPAA breach—when some piece of protected health information is downloaded onto a desktop because its “easier” to access but it's not secured.Address issues like not removing a laptop containing protected health information from your officeState information must be returned upon employer's requestDisciplinary action for persons responsible for a breach of confidential informationYour Business Associate Agreement should be written so that it's “evergreen,” meaning that it renews automatically and doesn't require a new signature to remain valid. While the business associate has the liability, you as the covered entity are still required to take reasonable steps to cure the breach or end the violation.  Download the Business Associate Security Questionnaire to help you do your due diligence in choosing a Business Associate.If you'd like to hear more tips on how to start, run and grow your practice and related medical businesses, please sign up for my newsletter at https://www.thepracticebuildingmd.com.    And, be sure to join my FB group, The Private Medical Practice Academy. Enroll in my course,  How To Start Your Own Practice and get the step-by-step process for opening your doors. Or join The Private Medical Practice Academy Membership for live group coaching, expert guest speakers and everything you need to know to start, grow and leverage your private practice.

UPPER MERION TOWNSHIP BOARD OF SUPERVISORSNOVEMBER 18, 2021 MEETING ~ 7:30 PMAGENDA0:00:001. Meeting Called to Order.0:00:172. Pledge of Allegiance.0:00:333. Roll Call.0:00:504. Meeting Minutes: August 19, 2021 – Business MeetingSeptember 23, 2021 – Business Meeting0:01:265. Chairman’s Comments:6. New Business:0:03:22A. Proclamation Recognizing Swedeland Volunteer Fire Company on their 100th Anniversary0:08:03B. Consent Agenda re:1. Resolution 2021-29 re: Reducing Police Officers’ Contributions to the Police Pension Plan for the Year 2022 to 4%.2. Resolution 2021-30 re: Authorization to Sign PennDOT Traffic Signal Maintenance Agreement.3. Citizen Board Resignations:a. Maria Mengel from the Zoning Hearing Boardb. Edward Veneziale from the Sanitary & Stormwater Authorityc. Lauren Maggio from the Historical Commission4. Memorandum of Understanding with the King of Prussia Mall for 2022 Police Services – Consideration of a Memorandum of Understanding with the King of Prussia Mall for the payment and reimbursement of costs for additional police coverage at the Mall Complex for the year 2022.0:19:335. Change Order No. 1 to James Kenney Excavating & Paving, Inc. in the amount of $28,183.50 for work done on the Crow Creek Trail Project.6. Crow Creek Trail Project Contract Payment # 12 in the amount of$67,050.00 to Kenney Excavating for work to date on the Crow Creek Trail Project.7. Financial Escrow Security Release No.10, 900 River Road LLC, 900 River Road – Approval of Escrow Release No.11 to 900 River Road LLC in the amount of $1,330,615 for the completion of required site improvements to date as part of the warehouse development project as recommended by the Township Engineer.8. Financial Escrow Security Release No. 1, (Final) King of Prussia Acquisition, LLC., 750 Moore Road– Approval of Escrow Release No.1 to King of Prussia Acquisition, LLC in the amount of $2,811,947.33 for the completion of required site improvements to date as part of the apartment complex development as recommended by the Township Engineer and $140, 597.37 for the extra inspection escrow.9. Park ADA Improvement Project Contract Payment No. 3 (Final) to JNS Paving and Excavating Corp. in the amount of $7,583.71 for the ADA Improvements at Bob White and Swedeland Parks.10. Memorandum of Understanding with the Upper Merion Sanitary and Stormwater Authority regarding the Determination of Roles and Responsibilities for Stormwater related activities within the Township.11. Business Associate Agreement with The Good Fellowship Club of Chester County, Inc – Approval of a proposed agreement with The Good Fellowship Club of Chester County, Inc for the Upper Merion Fire and EMS Department’s participation in the Fellowship Clubs emergency medicine and advanced life support education and training program.12. Authorization for the Township Manager to sign Settlement Stipulation for139 E. DeKalb Pike for an underpayment in taxes for tax years 2014 through 2021 in the amount of $12,421.19.13. Resolution 2021-31 re: Authorize Supplemental Agreement with PennDOTfor Winter Traffic Services.0:21:40C. Appointment of Township Solicitor/Legal Services.0:26:08D. Posting of the 2022 Budget.1:00:417. Accounts Payable & Payrolls.1:01:128. Additional Business.9. Adjournment.

Knowing you has access to your patient's data is not only mission critical for your practice, it's required by HIPAA. In this episode, the Divas discuss how to identify business associates in your practice along with the significance of a Business Associate Agreement. Make no mistake, this aspect of HIPAA compliance plays an important role in protecting your patients' protected health information. 

Liam Degnan of the Compliance Group returns to the show to talk about leveraging HIPAA Compliance to increase sales and separate yourself from your competitors. In this episode, Liam covers:

Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX presents. “As part of the Department's effort to fully protect patients' health information and their rights under HIPAA, OCR has issued this important new fact sheet clearly explaining a business associate's liability,” said OCR Director Roger Severino. In 2013, under the authority granted by the HITECH Act, OCR issued the Final Omnibus Rule that, among other things, identified provisions of the HIPAA Rules that apply directly to business associates and for which business associates are directly liable. One of the most notable items is the Business Associate Agreement. The presentation highlights enforcement actions, as well as key compliance items business associates and subcontractors need to focus on.

Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX presents. “As part of the Department’s effort to fully protect patients’ health information and their rights under HIPAA, OCR has issued this important new fact sheet clearly explaining a business associate’s liability,” said OCR Director Roger Severino. In 2013, under the authority granted by the HITECH Act, OCR issued the Final Omnibus Rule that, among other things, identified provisions of the HIPAA Rules that apply directly to business associates and for which business associates are directly liable. One of the most notable items is the Business Associate Agreement. The presentation highlights enforcement actions, as well as key compliance items business associates and subcontractors need to focus on. The post HIPAA Business Associate Agreements Under HITECH appeared first on First Healthcare Compliance.

In the latest Podcast, we bring on HIPAA Expert and Industry Leader Chris Wheaton from Abyde.   The Abyde software solution is the easiest way for any sized dental practice to implement and sustain comprehensive HIPAA compliance programs. Abyde’s revolutionary approach guides dentists through mandatory HIPAA compliance requirements such as the Security Risk Analysis, HIPAA training for doctors and staff, Business Associate Agreement portal, customized policy documentation, and more!   Use Promo code Darkhorse10 to receive 10% off your Abyde subscription.

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is increasingly focused on ensuring that affiliated hospitals within a health system, typically comprising an Affiliated Covered Entity (ACE), have HIPAA business associate agreements in place with the parent corporation to allow for the lawful exchange of PHI. The presenters discuss the circumstances in which a business associate agreement may be required, and address several questions regarding related ACE organizational considerations. Presenters: Rebecca Schaefer, Hannah Maroney

A Business Associate Agreement isn’t just another simple bit of paperwork.  The liability commitments in your BAA and the business relationship it defines are very serious and very important in defining clearly the responsibilities of both parties.  Lately, we have had to ask a lot of questions like what is in your BAA and today we discuss what we have been seeing out there in the wild, so to speak. More info at HelpMeWithHIPAA.com/233

Becky Templeton Director of Business Development at R.J.Hedges & Associates talks with Jeff Hedges about With the increasing need for businesses to save on costs, many companies are utilizing offshore companies to help with customer service, tech support, billing processes, etc.  Is it possible one of your contracted companies whom you have a Business Associate Agreement, is utilizing an offshore workforce?  Not only should you be concerned with this because of possible breaches which the US government won't have any legal recourse, but PBM's and NCPDP will be asking for attestations in the future.  The time to prepare is now.  Our latest episode with the Pharmacy Compliance Guide will discuss the impacts of Offshore businesses accessing PHI, why PBM's are concerned,  and what pharmacies should do now.   The covered entity is solely responsible for issuing the Business Associate Agreement, so if you sign someone else's agreement, you are stuck with it.  The Business Associate Agreement is a contract.  Remember that!   Develop a document similar to the one the PBMs are asking you to sign and ask Business Associate to check a box with one of the two options and send it back to you.  Now you can truthfully answer the questions posed to you by the PBMs and NCPDP.   To ensure we are in compliance with these federal mandates, please check the appropriate box below and return this signed attestation to us.  Your failure to provide this attestation, as specified herein, constitutes a material breach of your agreement with us.  An inaccurate response may constitute a violation of federal law for which penalties may apply.   Choose the appropriate statement by checking one of the boxes below:   As your HIPAA Business Associate, our organization and our downstream and related entities DO NOT utilize Off-Shore subcontractors to perform activities that involve receiving, processing, transferring, handling, and storing or accessing PHI at an Off-Shore location(s).   As your HIPAA Business Associate, our organization and our downstream and related entities DO utilize Off-Shore subcontractors to perform activities that involve receiving, processing, transferring, handling, and storing or accessing PHI at an Off-Shore location.   CONTACT:   Becky Templeton, CDME, ABI Director of Business Development R.J. Hedges & Associates Office:  724-357-8380    Website:  www.rjhedges.com Follow us on Facebook!  Learn more on our Blog See omnystudio.com/listener for privacy information.

Becky Templeton Director of Business Development at R.J.Hedges & Associates talks with Jeff Hedges about With the increasing need for businesses to save on costs, many companies are utilizing offshore companies to help with customer service, tech support, billing processes, etc.  Is it possible one of your contracted companies whom you have a Business Associate Agreement, is utilizing an offshore workforce?  Not only should you be concerned with this because of possible breaches which the US government won’t have any legal recourse, but PBM’s and NCPDP will be asking for attestations in the future.  The time to prepare is now.  Our latest episode with the Pharmacy Compliance Guide will discuss the impacts of Offshore businesses accessing PHI, why PBM’s are concerned,  and what pharmacies should do now.   The covered entity is solely responsible for issuing the Business Associate Agreement, so if you sign someone else’s agreement, you are stuck with it.  The Business Associate Agreement is a contract.  Remember that!   Develop a document similar to the one the PBMs are asking you to sign and ask Business Associate to check a box with one of the two options and send it back to you.  Now you can truthfully answer the questions posed to you by the PBMs and NCPDP.   To ensure we are in compliance with these federal mandates, please check the appropriate box below and return this signed attestation to us.  Your failure to provide this attestation, as specified herein, constitutes a material breach of your agreement with us.  An inaccurate response may constitute a violation of federal law for which penalties may apply.   Choose the appropriate statement by checking one of the boxes below:   As your HIPAA Business Associate, our organization and our downstream and related entities DO NOT utilize Off-Shore subcontractors to perform activities that involve receiving, processing, transferring, handling, and storing or accessing PHI at an Off-Shore location(s).   As your HIPAA Business Associate, our organization and our downstream and related entities DO utilize Off-Shore subcontractors to perform activities that involve receiving, processing, transferring, handling, and storing or accessing PHI at an Off-Shore location.   CONTACT:   Becky Templeton, CDME, ABI Director of Business Development R.J. Hedges & Associates Office:  724-357-8380    Website:  www.rjhedges.com Follow us on Facebook!  Learn more on our Blog See omnystudio.com/listener for privacy information.

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Helvetica; color: #000000} p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Helvetica; color: #000000; min-height: 14.0px} Kevin McLellan of HIPPA Clarity shares what it takes to ensure that your law firm and vendors are keeping you in compliance with HIPPA. In this episode: - What brought Kevin to HIPAA - High level things to look for to make sure you're compliant with HIPAA - Better way to store PHI - Difference between resting data vs. data in transit - Tips to mitigate risk for small firms - What is a Business Associate Agreement   Get in touch with the Law-vly people you meet:   Kevin McLellan, HIPPA Consultant HIPPA Clarity WEB: www.HIPPAClarity.com EMAIL: info@hippaclarity.com LINKEDIN: https://www.linkedin.com/in/kevinmclellan/ Emily LaRusch, CEO & Founder Back Office Betties EMAIL: HiBettie@BackOfficeBetties.com WEB: www.BackOfficebetties.com TWITTER: https://twitter.com/CallBetties FACEBOOK: https://www.facebook.com/BackOfficeBetties p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Helvetica; color: #ff0000}

  We continue our discussion about some common myths (or points of confusion) surrounding HIPAA compliance requirements.  GlossaryMyth is a widely held but false belief or idea.  Links  HealthIT.gov Top 10 Myths of Security Risk AnalysisHealthIT.gov Guide to Privacy and Security of Electronic Health Information Analysis Notes 1-3 In previous episode  Communicating with patients via email, fax, or telephone violates HIPAA.  Actually, not true. But.... reasonable and appropriate safeguards must be in place. HIPAA compliance is just like all the other compliance rules for other industries. You learn the requirements and you do what they say. Not at all true. HIPAA rules were designed to allow for every size and type of healthcare entity and business associate to use one set of regulations. That means there are phrases like "reasonable and appropriate" thrown all over them. Every single organization can determine what is reasonable and appropriate for their environment as long as they document how they are addressing the standards. Not even a risk analysis has one method to be performed across all organization. A website is HIPAA compliant if it uses HTTPS.  False.  There are two parts of electronic compliance security. You must secure data in motion (like when it is transmitted to a web page via HTTPS). You must also secure the data at reset (what happens to the data once it gets to the server on the other end). Just letting a web designer throw up a registration form or appointment request form will not meet the compliance standards for HIPAA by simply adding HTTPS. If a vendor signs a Business Associate Agreement there is nothing else for me to worry about concerning them. False. If you have knowledge that a vendor is not compliant and you continue to use their services simply because they signed a BAA you aren't much better off than if you never signed one. Your liability is still tied to the fact that you don't have a compliant BA. By working with them while knowing (or doubting) their compliance understanding and commitment makes you complicit in any failures they may have with PHI.  Perform a due diligence of some sort to get assurances they actually have a compliance program in place. 8-10 In next episode

A few people have been talking about the new HIPAA training from Reflexion. In my brain, Reflexion = Spam Filtering. So how do you get from there to HIPAA training and certification? So I called Scott Barlow, VP of Sales and Marketing at Reflexion. HIPAA Training from Reflexion Scott ended up giving me a great education on HIPAA requirements, the one important “Business Associate Agreement” you need to have, and how you can get certified and resell certification to your clients. Scott tells stories about very small companies being fined due to HIPAA compliance issues – including a 5-physician that was fined $100,000! Training is very straight forward and very inexpensive. The course has ten sections with quizzes at the end. Then the course as a whole has a 50-question test at the end. It is 100% online and costs only $299! Best take-away is the template you get for your Business Associate Agreement. If you’re looking for a great additional source of revenue, and you want to work with people in the medical community, please listen to this podcast. Very informative! – Download the Interview with Scott Barlow here. For more information on Reflexion, see www.reflexion.net. For more information on HIPAA certification, see www.reflexiontraining.net. For webinar information, email Scott at scott.hipaa@reflexion.net. Scott gives more contact info on the podcast. Check it out today.