Business Associate Agreements

What Is a HIPAA Business Associate Agreement (BAA)?

February 14, 2022 - HIPAA-covered entities are required to enter into business associate agreements (BAAs) with any third party that handles protected health information (PHI). As the cyber threat landscape evolves and data privacy and security concerns escalate, healthcare organizations are increasingly relying on third parties to manage vast amounts of PHI. As a result, comprehensive business associate...

Read More


More Articles

Healthcare Organizations Deprioritize Third-Party Risk Management

by Jill McKeon

Organizations across all sectors constantly share confidential information with third parties, but current third-party risk management strategies may leave organizations extremely vulnerable to...

Outpatient Facilities Now Top Targets for Healthcare Data Breaches

by Jill McKeon

Hackers are changing their tactics when it comes to healthcare data breaches in 2021. As hospitals struggled to combat COVID-19 in 2020, cyber criminals added to the chaos by infiltrating networks,...

Medical Device Vendor Zoll Sues IT Firm Over Breach Affecting 277K

by Jessica Davis

Medical device vendor Zoll filed a lawsuit with the US District Court of Massachusetts against IT service vendor Barracuda Networks, after an error during a server...

Athens Orthopedic Pays OCR $1.5M Over Systemic HIPAA Noncompliance

by Jessica Davis

The Office for Civil Rights reached a settlement with the Athens Orthopedic Clinic for $1.5 million over a 2016 data breach caused by the notorious hacking group...

Patient Data Privacy Lawsuit Against Google, UChicago Dismissed

by Jessica Davis

The patient data privacy lawsuit brought against Google and the University of Chicago Medical Center was dismissed by a federal judge in Illinois on September 4, ruling that patient who filed the...

Crafting Successful Business Associate Agreements, Breach Response

by Jessica Davis

The healthcare sector relies heavily upon its relationships with third-party vendors and business associates, which are critical to ensuring uninterrupted patient care. However, given the vast number...

Senators Press Ascension on Data Sharing Agreement with Google

by Jessica Davis

Sens. Bill Cassidy, MD, R-Louisiana, Elizabeth Warren, D-Massachusetts, and Richard Blumenthal, D-Connecticut, are pressing Ascension on its data sharing agreement it holds with Google, given the tech...

Key Elements for Secure Business Associate Agreements, Relationships

by Jessica Davis

The healthcare sector relies on a vast number of third-party vendors, supply chain businesses, and other business associates to ensure relatively seamless care transactions. But with each transaction...

3 Critical Steps for Managing Third-Party Access to Your EHR

by Marti Arvin of CynergisTek

Before a hospital grants any kind of network access to users from an outside organization, like a physician’s practice, it must determine to whom access is granted and for how long. It is a...

Recent Articles