subject: Business Associate Hipaa Compliance [print this page] Business Associates are required to comply with HIPAA Privacy and Security rules as per the American Recovery and Reinvestment Act of 2009 (the Act). Title XIII of the Act is artfully entitled the Health Information Technology for Economic and Clinical Health (also referred to as HITECH) Act.
It is very important for the covered entities to inform the business associates about these changes and let them know how they can achieve their compliance. Many business associates are avoiding and delaying their HIPAA compliance.
How covered entity can ensure that the business associates are HIPAA complaint? To help the covered entities with this task, business associate HIPAA compliance checklist can be used to evaluate the compliance status of business associates. This form should be sent to all business associates of covered entities.
Steps for HIPAA & ARRAs HITECH compliance for the business associates:
1)Assign HIPAA compliance officer
2)Certified HIPAA Privacy Security Expert (CHPSE) training for the HIPAA compliance Officer
3)Create privacy policies & procedures
4)Create security policies & procedures
5)Conduct HIPAA risk analysis assessment
6)Remediation of non complaint areas
7)Create HIPAA contingency plan if required
8)Train all employees with Certified HIPAA Privacy Associate (CHPA), Certified HIPAA Privacy Expert (CHPE) or Certified HIPAA Security Expert (CHSE) based on their job role.
9)Final Audit
To view the Business Continuity Plan, please visit Business Continuity Plan Business Associate Compliance Tools can be purchased to jump start your HIPAA compliance.
