Dexcomm Blog

HIPAA Business Associates

November 27, 2012

Did you know that you could be fined based on the practices of your HIPAA business associates?

Any business associate who receives your patients' Protected Health Information (PHI) is subject to all Health Insurance Portability and Accountability Act (HIPAA) regulations. Your billing service, telephone answering service, accounting firm and collection agency, to name a few, all must be HIPAA compliant.

This significant expansion of HIPAA is the result of the Health Information Technology for Economic and Clinical Health (HITECH) Act passed by the United States Congress in February 2009. The HITECH Act Security Rule requires reasonable assurance of the confidentiality, integrity and availability of Electronic Protected Health Information (ePHI) in three key elements:

  1. Administrative Safeguards — security management process, security personnel, information access management, workforce training and management and evaluation.
  2. Physical Safeguards — facility access and control, workstation and device security.
  3. Technical Safeguards — access control, audit controls, integrity control and transmission security.

 

Could your HIPAA business associates be playing with fire around your money?

 

 

Failure to comply with the HITECH and HIPAA regulations can result in severe financial penalties of up to $1.5 million for you and your practice.


 

 

 

If your office becomes aware of a HIPAA breach made by your business associate, you are required to take reasonable steps to correct the violation. If such steps are unsuccessful, you must terminate your business associate agreement.

To avoid terminating contracts or securing other business associates, we highly recommend surveying your business associates' HIPAA compliance processes. Here are a few examples of questions to ask:

  • What are your policies and procedures protecting against the use or disclosure of PHI?
  • Has your staff received training from a HIPAA professional?
  • Are all vendors associated with your business associates HIPAA compliant?
  • Do you have all of the necessary resources to remain HIPAA compliant?

As a telephone answering service serving hundreds of medical clients in many different states, we have developed strategies and skills which allow us to comply with HIPAA and to expertly serve our diverse clientele. Our commitment to training and education to better serve our clients has produced our Certified Medical Operator Program, a multitude of HIPAA-related resources and easy-to-use, HIPAA-compliant apps. Our hope is that you and your office can adopt some of these tools to make your life a bit less complicated and allow you more uninterrupted leisure time.

 



Dexcomm is a Louisiana-based corporation that provides answering services to businesses and service agencies across the United States. We have been open since 1954, employ a staff of roughly 50 people, and our average client retention rate is 10+ years.


Read More About The Author: Dexcomm
