If you practice in the area of health law, and have any healthcare medical provider such as a hospital, physician or medical lab as a client, it is highly likely that ARRA-HITECH applies to you. Uncertain? You need to take the appropriate steps to determine if you are in compliance with ARRA-HITECH!
These same clients who qualify as Covered Entities and Business Associates will also look to you for your assurance that you comply with ARRA-HITECH requirements.
HIPAA and ARRA-HITECH applies to both Covered Entities (CE) and their Business Associates (BA). BA’s are entities or people that conduct work on behalf of CE’s and handle (handle = store, process, transmit or destroy) Covered Entity provided Protected Health Information (PHI). Most health care and medical malpractice attorneys are subject to these regulations.
Consequently, attorney’s who handle PHI as a result of their relationship with a Covered Entity are considered Business Associates.
Regardless of whether an attorney obtains Protected Health Information (PHI) through a relationship with a CE or has a client that provides PHI to the attorney, that PHI must be provided the same protections as those protections required of a hospital or doctor.
Do you handle PHI? Are you compliant with the Administrative, Physical and Technical provisions of HIPAA as well as the Privacy and Breach notification requirements specified in ARRA-HITECH? Health Compliance Partners Compliance Assessment service is designed to assess your compliance profile, identify gaps, and provide a remediation roadmap to compliance.