If your accounting firm supports any medical healthcare provider such as a hospital, physician practice or medical lab as a client, it is highly likely that ARRA-HITECH applies to you. Uncertain? You need to take the appropriate steps to determine if you are in compliance with ARRA-HITECH!
These same clients who do qualify as Covered Entities and Business Associates will also look to you for your assurance that you comply with ARRA-HITECH requirements.
HIPAA and ARRA-HITECH applies to both Covered Entities (CE) and their Business Associates (BA). BA’s are entities or people that conduct work on behalf of CE’s and handle (handle = store, process, transmit or destroy) Covered Entity provided Protected Health Information (PHI). Most accounting firms that have these Covered Entity relationships are subject to these regulations.
Consequently, accountant firms who handle PHI as a result of their relationship with a Covered Entity are considered Business Associates.
So where does an accounting firm meet HIPAA and ARRA-HITECH?
- Mergers and Acquisitions
- Medical Practice Sale
- Medical Practice Valuation
- Structuring and Negotiating Associate Agreements
- Preparation of Audited Financial Statements
- Utilization Review and Quality Assurance
- Medical Billing
- Review and Analysis of Fees
Regardless of whether an accounting firm obtains Protected Health Information (PHI) through a relationship with a CE or has a client that provides PHI to the accounting firm, that PHI must be provided the same protections as those protections required of a hospital or doctor.
Do you handle PHI? Are you compliant with the Administrative, Physical and Technical provisions of HIPAA as well as the Privacy and Breach notification requirements specified in ARRA-HITECH? Health Compliance Partners Compliance Assessment service is designed to assess your compliance profile, identify gaps, and provide a remediation roadmap to compliance.