The HIPAA privacy and security rules require all Covered Entities (CEs) to enter into Business Associate Agreements (BAAs) with entities that perform services for the CEs, if the services require the Business Associates (BAs) to create, receive, maintain, or transmit protected health information (PHI). The HIPAA rules list the basic required content for BAAs, but as the relationships between CEs and their BAs mature, BAAs are becoming more sophisticated and need to address important issues not mentioned in the HIPAA requirements, such as indemnification, cyber-liability insurance requirements, detailed notice requirements, ownership of data, audits, information technology requirements, system availability, return of data to the CE at termination, and more.
Please join Christine Williams as she covers new issues that should be addressed in BAAs and how best to address them.
WHAT YOU’LL LEARN
Just a sampling of what this webinar will cover:
- Why a basic BAA that has all of the content required by the HIPAA rules is not enough anymore
- What an indemnification provision covers and why it should be included
- Insurance requirements that should be included, including cyber-liability insurance
- How to make sure PHI is returned to the CE in usable form at the termination of the agreement
- Audit provisions and “standard audit policies”
- Clarity in language addressing ownership of PHI at all phases of the BA’s services
- Details that should be included in notice and termination provisions
- Technology requirements
- AND MUCH MORE!
YOUR CONFERENCE LEADER
Your conference leader for “Update on HIPAA Business Associate Agreements for Employer-Sponsored Health Plans” is Christine Williams. Ms. Williams has worked in the employee benefits field since 1987, both in private practice and as in-house counsel to a Fortune 100 company, and recently founded HealthPlanPlainTalk.com, an online resource for benefit plan sponsors and employee benefit professionals. She has extensive experience with all types of health and welfare plans, and was the editor and a contributing author of HIPAA Portability, Privacy, & Security, published by the Employee Benefits Institute of America (EBIA), a division of Thomson Reuters, and is now a contributor to that publication. She was a contributing author of Health Care Reform for Employers and Advisors, also published by EBIA. She has provided advice on HIPAA, health care reform, and benefit plan compliance to a wide range of health plans, employers that sponsor health plans, and business associates, and she regularly teaches seminars for employee benefit professionals. Before moving into employee benefits, Ms. Williams was a trial attorney at the U.S. Department of Justice and an assistant professor at the University of Maryland School of Law. She earned her J.D. degree from the University of Kentucky College of Law.