|
|
By Erik Kangas, PhD, President
|
Posts Tagged ‘business associate agreement’
Published: Tuesday, July 13th, 2010
 We are often approached by customers wanting to use their blackberry mobile devices to send and receive email that may contain electronic Protected Health Information (ePHI). Such customers, when they must abide by the HIPAA and HITECH laws governing medical privacy, must comply with a long set of regulations that covers, among other things, how ePHI may be transmitted over the Internet.
This article deals with the security of sending and receiving email on a Blackberry configured for Internet email services (i.e. it does not apply to those connecting to an Blackberry Enterprise Server and Exchange).
Read the rest of this post »
Tags: baa, blackberry, business associate agreement, ePHI, hipaa, hitech, privacy, security, ssl
Posted in LuxSci Library: HIPAA, LuxSci Library: The Technical Side of Email
No comments »
Published: Saturday, January 30th, 2010
 Changes to HIPAA as a result of HITECH provisions in the American Recovery and Reinvestment Act are going into effect on February 17, 2010. These changes seriously impact the requirements on Business Associates and impose significant liability penalties on HIPAA violations. For a discussion of these and how they relate to email and web services, see: HITECH 2010: HITECH Impact on Email and Web Outsourcing.
In response to these changes and to ensure that both LuxSci and its HIPAA customers are HIPAA-compliant:
- Old BAA Void: All Business Associate Agreements (BAA), formerly known as Medical Privacy Agreements, that current LuxSci customers have by virtue of the old BAA being incorporated automatically in LuxSci’s Master Services Agreement are VOID as of February 17th, 2010.
- New BAA Required: Any LuxSci Customer who is using or plans to use LuxSci for ePHI (electronic protected health information) of any kind (i.e. email, web sites, WebAides, databases, etc) must explicitly sign our new BAA and ARA (Account Restrictions Agreement) before LuxSci will consider itself a Business Associate and the customer’s LuxSci account HIPAA compliant.
LuxSci will be contacting customers that it believes might need to sign a BAA and ARA during the month of February. However, as LuxSci does not know which customers are using their account(s) for storage or transmission of ePHI, it is up to our customers to contact LuxSci to establish a BAA.
See:
Read the rest of this post »
Tags: baa, business associate agreement, ePHI, hipaa, hitech, privacy
Posted in LuxSci Insider
1 Comment »
|
|
Receive automatic updates via email:
