1. Update on HIPAA Business Associate Agreements for Employer-Sponsored Health Plans

Update on HIPAA Business Associate Agreements for Employer-Sponsored Health Plans

Update on HIPAA Business Associate Agreements for Employer-Sponsored Health Plans
Event ID: 18494
Not for Sale
Recording: 15456

Duration: 90 minutes including question and answer period.
Presenter: Christine Williams, founder, Health Plan Plain Talk
Price: $299.00, On-Demand includes full audio presentation, question and answer session, and presentation slides.
CE Credits: This program has been approved for 1.5 general recertification credit hours toward PHR, SPHR, and GPHR recertification through the HR Certification Institute. This program is valid for 1.5 PDCs for the SHRM-CP or SHRM-SCP.
Who Should Attend? HR, employee benefits, financial officers, in-house counsel, and CEOs

The HIPAA privacy and security rules require all Covered Entities (CEs) to enter into Business Associate Agreements (BAAs) with entities that perform services for the CEs, if the services require the Business Associates (BAs) to create, receive, maintain, or transmit protected health information (PHI). The HIPAA rules list the basic required content for BAAs, but as the relationships between CEs and their BAs mature, BAAs are becoming more sophisticated and need to address important issues not mentioned in the HIPAA requirements, such as indemnification, cyber-liability insurance requirements, detailed notice requirements, ownership of data, audits, information technology requirements, system availability, return of data to the CE at termination, and more.

Please join Christine Williams as she covers new issues that should be addressed in BAAs and how best to address them.


Just a sampling of what this webinar will cover:

  • Why a basic BAA that has all of the content required by the HIPAA rules is not enough anymore
  • What an indemnification provision covers and why it should be included
  • Insurance requirements that should be included, including cyber-liability insurance
  • How to make sure PHI is returned to the CE in usable form at the termination of the agreement
  • Audit provisions and “standard audit policies”
  • Clarity in language addressing ownership of PHI at all phases of the BA’s services
  • Details that should be included in notice and termination provisions
  • Technology requirements


Your conference leader for “Update on HIPAA Business Associate Agreements for Employer-Sponsored Health Plans” is Christine Williams. Ms. Williams has worked in the employee benefits field since 1987, both in private practice and as in-house counsel to a Fortune 100 company, and recently founded HealthPlanPlainTalk.com, an online resource for benefit plan sponsors and employee benefit professionals. She has extensive experience with all types of health and welfare plans, and was the editor and a contributing author of HIPAA Portability, Privacy, & Security, published by the Employee Benefits Institute of America (EBIA), a division of Thomson Reuters, and is now a contributor to that publication. She was a contributing author of Health Care Reform for Employers and Advisors, also published by EBIA. She has provided advice on HIPAA, health care reform, and benefit plan compliance to a wide range of health plans, employers that sponsor health plans, and business associates, and she regularly teaches seminars for employee benefit professionals. Before moving into employee benefits, Ms. Williams was a trial attorney at the U.S. Department of Justice and an assistant professor at the University of Maryland School of Law. She earned her J.D. degree from the University of Kentucky College of Law.


HRWebAdvisor, a division of DKG Media, LP, wants you to be satisfied with your webinar. If this webinar does not meet your expectations, email us at [email protected].


HRWebAdvisor certificates of participation are available to everyone completing this webinar.