Avoiding Liability for Business Associates’ Breaches

 

 

By Jonathan P. Tomes

Documents and Library ImageHIM professionals and privacy and security officers are likely already familiar with their facility’s business associates. But with the recent dramatic changes to the business associate relationship in the HITECH Act and the Omnibus Final Rule, there is plenty of new ground to cover. This three-part article series by Jonathan P. Tomes offers suggestions that health information management professionals may incorporate in managing these increased compliance burdens in order to protect both patient privacy and their organization’s interests.

The three installments cover background on these changes, guidance on how to avoid liability for breaches by business associates, and discussion on adjustments needed in the business associate relationship as well as ongoing strategies for adapting to the recent changes.

 

Avoiding Liability for Business Associates’ Breaches: Rule Changes Overview

Background on the changes to the business associate relationship in the HITECH Act and the Omnibus Final Rule

 

Avoiding Liability for Business Associates’ Breaches: Guidance

Guidance on how to avoid liability for breaches by business associates

 

Avoiding Liability for Business Associates’ Breaches: Adjustments and Ongoing Strategies

Adjustments needed in the business associate relationship and ongoing strategies for adapting to the recent changes

 


 

Jonathan P. Tomes (jon@tomesdvorak.com) is a partner at Tomes & Dvorak, Chartered, in Overland Park, KS, president of EMR Legal, Inc., a HIPAA consulting company, and the author of more than 60 books and dozens of articles on medical records law and HIPAA.