Manage

HIPAA violation examples: The five most common mistakes

By

Kristen Lee, News Writer

2/6

HIPAA business associate agreement, or lack thereof, causes problems

Source: yogysic/iStock

Visual Editor: Sarah Evans

One way that HIPAA is often violated is in relation to HIPAA business associate agreements, according to the Office for Civil Rights (OCR). Or, more accurately, the lack thereof.

A HIPAA business associate agreement (BAA) is a contract between a HIPAA-covered entity, such as a hospital, and the organization or person providing services to the covered entity, such as a HIPAA business associate. The BAA protects personal health information (PHI). For example, an accounting or consulting firm that works with a hospital would be considered a HIPAA business associate.

In some cases, however, it can be difficult to identify who qualifies as a HIPAA business associate. One example of this is app developers. The U.S. Department of Health and Human Services released guidance for healthcare app developers in February 2016 detailing specific examples and scenarios to help developers understand whether their app deals with PHI and, therefore, needs to be HIPAA compliant.

View All Photo Stories

SearchCompliance

Use ISO 22332 to improve business continuity plans
Standards offer guidance on business continuity and disaster recovery plans. ISO 22332 is no exception, providing great detail on...
An adequacy audit checklist to assess project performance
Adequacy audits are conducted to assess the efficacy of IT system controls and identify areas for performance or other ...
How to successfully automate GRC systems in 7 steps
There is more to automating GRC programs than technology alone. This implementation roadmap helps IT leaders effectively plan, ...

SearchCIO

FTC's change to policy could make for healthier mergers
Cornell's Robert Hockett said the FTC's recent decision to rescind a 1995 policy could help prevent bad mergers, as scrutiny of ...
Chinese regulatory crackdown is about control, not data privacy
Despite China's messaging, analysts believe the government's recent regulatory tightening on tech companies is more about control...
Regulators need to rethink big tech regulation, expert says
A Boston University professor argues that big tech regulation may need to focus more on creating competition through data access ...

SearchCloudComputing

Key aspects of RPA in the cloud
As more enterprises prioritize automation, RPA seeks to build upon that growth within the cloud sector. Learn why vendors see the...
Dive into DigitalOcean Droplets and App Platform
DigitalOcean vies with AWS, Azure and others by targeting developers and startups. See what it has to offer and how it competes ...
4 best practices for big data security in cloud computing
When dealing with vast amounts of data in the cloud, enterprises need to be proactive with security. Don't wait for a threat to ...

SearchMobileComputing

Tech buyers warned Windows PC prices rising soon
Gartner and IDC expect price hikes for Windows PCs to come soon because of the global chip crisis. An IDC analyst said prices ...
Evaluating Apple Configurator and its alternatives
IT's first step to deploy mobile devices is to configure them, so organizations will have to decide if Apple Configurator is ...
Amazon updates aim for Alexa everywhere
Amazon's latest Alexa advancements include better support for natural language, interoperability with more devices and support ...

SearchSecurity

Keycloak tutorial: How to secure different application types
IT pros and developers can secure applications with the open source IAM tool Keycloak. When you don't need to worry about ...
Secure applications with Keycloak authentication tool
As we look toward the future of authentication, open source tools, such as Keycloak, provide companies a way to secure ...
Kaspersky tracks Windows zero days to 'Moses' exploit author
In its second-quarter threat report, Kaspersky Lab found a rise in the use of exploits and zero-day vulnerabilities, several of ...

SearchStorage

How the Container Storage Interface can aid Kubernetes use
Compared to in-tree plugins, the Container Storage Interface simplifies Kubernetes integration with storage devices, but thorough...
NVMe speeds vs. SATA and SAS: Which is fastest?
The NVMe protocol is tailor-made to make SSDs fast. Get up to speed on NVMe performance and how it compares to the SATA and SAS ...
Distributed storage carves niches for enterprise use
Numerous vendors specializing in distributed storage and other distributed services look to expand userbases and find new appeal ...

Close