HIPAA Compliance for Business Associates

Businesses that have access to protected health information (PHI) on behalf of a covered entity (for example, an employer’s group health plan) typically qualify as “business associates” under the HIPAA Privacy, Security and Breach Notification Rules (HIPAA Rules).

If a covered entity uses a business associate, it must have a written business associate agreement with the business associate that requires the business associate to protect the privacy and security of PHI. In addition to these contractual obligations, business associates are directly liable for compliance with many of the HIPAA Rules’ requirements. For example, among other compliance steps, business associates must:

  • Enter into business associate agreements with any subcontractors who create or receive PHI on their behalf;

  • Implement reasonable and appropriate safeguards for protecting electronic PHI (ePHI); and

  • Not use or disclose PHI, except as permitted by the Privacy Rule and business associate agreements.
