"Busy Year for Business Associates, More Activity
Expected in 2017"

December 28, 2016
Ashley L. Thomas

From the American Bar Association Health eSource, Vol. 13 No. 4, December 2016

Ashley Thomas, Nelson Mullins Riley & Scarborough, Raleigh, NC, and Tony Caldwell, Hall Render Killian Heath & Lyman, Indianapolis, IN

The year 2016 placed new focus on the role of business associates pursuant to the Health Insurance Portability and Accountability Act (HIPAA). While in years past the government focused on covered entities subject to HIPAA, 2016 marked the first year that business associates took much of the limelight. The list of activities surrounding business associates includes: the first Department of Health and Human Services’ Office for Civil Rights (OCR) enforcement actions against business associates; OCR's cybersecurity awareness initiative; Phase 2 desk audits involving business associates; new guidance addressing blocking of a covered entity’s access to patient data; and even more recent guidance on the treatment of cloud computing providers as business associates. These actions and guidance indicate that business associates are not immune from OCR's oversight and that this oversight will likely not slow down in 2017. Click here to read the full article.