| Business Associates are required to comply with | | | | 1) Assign HIPAA compliance officer |
| HIPAA Privacy and Security rules as per the | | | | 2) Certified HIPAA Privacy Security Expert |
| American Recovery and Reinvestment Act of | | | | (CHPSE) training for the HIPAA compliance Officer |
| 2009 (the Act). Title XIII of the Act is artfully | | | | 3) Create privacy policies & procedures |
| entitled the Health Information Technology for | | | | 4) Create security policies & procedures |
| Economic and Clinical Health (also referred to as | | | | 5) Conduct HIPAA risk analysis assessment |
| HITECH) Act. | | | | 6) Remediation of non complaint areas |
| It is very important for the covered entities to | | | | 7) Create HIPAA contingency plan if required |
| inform the business associates about these | | | | 8) Train all employees with Certified HIPAA |
| changes and let them know how they can | | | | Privacy Associate (CHPA), Certified HIPAA |
| achieve their compliance. Many business associates | | | | Privacy Expert (CHPE) or Certified HIPAA |
| are avoiding and delaying their HIPAA compliance. | | | | Security Expert (CHSE) based on their job role. |
| How covered entity can ensure that the business | | | | 9) Final Audit |
| associates are HIPAA complaint? To help the | | | | |
| covered entities with this task, business associate | | | | To view the Business Continuity Plan, please visit |
| HIPAA compliance checklist can be used to | | | | Business Continuity Plan Business Associate |
| evaluate the compliance status of business | | | | Compliance Tools can be purchased to jump start |
| associates. This form should be sent to all | | | | your HIPAA compliance. |
| business associates of covered entities. | | | | Online HIPAA training for Business associates for |
| Steps for HIPAA & ARRA's HITECH | | | | complete understanding of HIPAA Privacy and |
| compliance for the business associates: | | | | Security requirements for BA. |