How prepared are organizations to handle the changes in HIPAA and HITECH that now require all Business Associates to understand how their own subsequent Business Associates are handling ePHI?


I have wondered for some time about the insurance companies accessing Data exchanges. My Question is what stopping them from reviewing a Pts. medical history prior to underwriting the Pt and denying them because of what is discovered. I know that there is a HIPAA monitoring tool but with the volume of access the reviews...

