The new HIPAA Final Omnibus Rule world is here! But how does it effect both Covered Entities and Business Associates? For CE’s it’s an easy adjustment, or at least it should be if they are paying attention, but for BA’s it’s a new game. One of the biggest industries to be effected by the new HIPAA changes is the 3rd party data centers.
“Mahmood Sher-Jan, vice president of product management at ID Experts, a data breach prevention and response firm which consults with HIPAA-covered entities on remaining compliant, told SCMagazine.com that, before, business associates’ main concerns where upholding their contracts with covered organizations, like hospitals or insurers.
Their level of accountability has now grown, he explained.
“Before, they only had to comply contractually,” Sher-Jan said of specific contracts between covered entities and third party companies accessing patient data. “Now legally they have to comply. [Under HIPAA] they could be audited, they could be found negligent or fined,” he said.”
You can read the full article here: Compliance deadline on HIPAA rules brings expanded responsibilities for third parties handling data