Republished with permission from AHLA’s Physicians and Hospitals Law Institute. Original article appeared Feb. 5, 2018.
Healthcare providers, health plans and healthcare clearinghouses (“covered entities”) and business associates are subject to significant penalties for violations of the HIPAA Privacy, Security and Breach Notification Rules. To make matters worse, covered entities may be liable for their business associates’ misconduct, and business associates may be liable for their subcontractors’ violations. Covered entities and business associates must take appropriate steps to minimize exposure for their business associates’ or subcontractors’ violations.
Please see full Publication for more information: Minimizing Liability For Business Associate Misconduct