Healthcare Business Associate Agreement (BAA) – The Devil's in The Details

If you're in healthcare, you know about the HIPAA Privacy Rule and if you're in Health IT, then you should know about the HIPAA Omnibus Rule. Here's a quick refresher in case you're not quite up-to-speed:

HIPAA Privacy Rule:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/

Omnibus HIPAA Rulemaking
http://www.hhs.gov/ocr/privacy/hipaa/administrative/omnibus/index.html

In this post, I will present a collection of published articles that address the importance to healthcare entities of selecting the right cloud provider in light of the HIPAA Omnibus Final Rule, which has a compliance date of September 23, 2013.

You will notice that the prevailing theme in our subject matter experts' opinions is "The importance of selecting a vendor (such as Verizon) that will sign a Business Associate Agreement or BAA."

Our experts also talk about encryption and encryption keys and why they matter. They also point out important questions you, as a healthcare provider, should ask when selecting a health IT service provider. Last, but not least, they highlight the importance to think longer term in knowing whether your provider is financially stable and will be in business not only this year, but next.

Peter Tippett, MD, PhD, chief medical officer and vice president of the Innovation Incubator, Verizon

• Healthcare Challenges: Can Collaboration and Compliance Co-Exist? Webinar (registration required)

Chris Davis, solutions architect, Verizon

• 6 Critical Security Questions to Ask your Health IT Service Provider
• Five Reasons the Cloud is ready for Health IT

Maureen Kaplan, director, healthcare cloud and security, Verizon

• Hybrid Clouds Fuel Choices for Health IT
• Rationalizing your move to the cloud
• The Clock is Ticking on Your Cloud Vendors
• Which Cloud Model is Right for Your Healthcare Organization?

To learn more visit, http://www.verizonenterprise.com/us/industry/healthcare/