Applicable Provider Types: All

Is Your Entity in Compliance?

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 (HIPAA) requires Covered Entities (CEs), Business Associates (BAs) and Business Associate subcontractors to enter into written agreements governing each party’s rights and obligations with respect to the privacy and security of patient Protected Health Information (PHI). Most healthcare providers will qualify as a CE. CEs must obtain “adequate written assurances” from their BAs that the PHI will only be used or disclosed as permitted by law and as instructed by the CE, and BAs must impose these obligations and limitations on their subcontractors. These written assurances typically take the form of a Business Associate Agreement (BAA).

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of William Clayton Landa William Clayton Landa

Clay’s practice focuses on assisting national hospital chains, nursing homes, community hospitals, ambulatory surgery centers, private physician practices, solo practitioners, pharmacies, mental healthcare provider, dental providers and laboratories with their corporate, transactional, and regulatory compliance matters.

Photo of Allyson M. Maur Allyson M. Maur

Allyson advises on regulatory issues affecting diagnostics developers, biopharma manufacturers, and clinical laboratories, including CLIA/CLEP and FDA regulatory advice, MLR and MRC review of marketing and promotional materials, clinical studies, global data privacy issues, ethics & compliance, commercial contracting, commercial litigation and more.

Allyson advises on regulatory issues affecting diagnostics developers, biopharma manufacturers, and clinical laboratories, including CLIA/CLEP and FDA regulatory advice, MLR and MRC review of marketing and promotional materials, clinical studies, global data privacy issues, ethics & compliance, commercial contracting, commercial litigation and more. Allyson’s healthcare regulatory work ranges from clinical bioethics and informed consent issues to counseling on compliance with U.S. federal fraud, waste, and abuse laws such as the Anti-Kickback Statute, Stark Law, Sunshine Act, and their state law equivalents, as well as HIPAA, state healthcare privacy laws, change of ownership and state licensing requirements for various healthcare and healthcare adjacent entities.

Photo of Daniel Bush Daniel Bush

Danny practices as part of the firm’s healthcare department, where he focuses on corporate healthcare mergers and acquisitions as well as regulatory compliance. Danny completed his undergraduate degree at the University of Washington and then both his law degree and Master of Health…

Danny practices as part of the firm’s healthcare department, where he focuses on corporate healthcare mergers and acquisitions as well as regulatory compliance. Danny completed his undergraduate degree at the University of Washington and then both his law degree and Master of Health Administration at the University of Iowa.