The North Carolina Healthcare Information and Communications Alliance has released a revised model of its Business Associate Agreement that reflects changes in the HIPAA privacy and security rules under the HITECH Act, reports Health Data Management. The revised agreement is available for free online. Business associates are deemed to be covered entities under the HITECH Act, making them subject to the provisions of the security rule and portions of the privacy rule. At the annual HIPAA Summit in Washington, DC last week, the deputy director for health information privacy at the HHS Office for Civil Rights confirmed that business associates could be held liable for health data breaches.
If you want to comment on this post, you need to login.