Revised Business Associate Agreement Released
HEALTHCARE PRIVACY—U.S.February 11, 2010
The North Carolina Healthcare Information and Communications Alliance has released a revised model of its Business Associate Agreement that reflects changes in the HIPAA privacy and security rules under the HITECH Act, reports Health Data Management. The revised agreement is available for free online. Business associates are deemed to be covered entities under the HITECH Act, making them subject to the provisions of the security rule and portions of the privacy rule. At the annual HIPAA Summit in Washington, DC last week, the deputy director for health information privacy at the HHS Office for Civil Rights confirmed that business associates could be held liable for health data breaches.