that a business associate includes a «subcontractor that creates, receives, maintains, or transmits protected health information
on behalf of the business associate.»
From the 2013 HIPAA Omnibus: that a business associate includes a «subcontractor that creates, receives, maintains, or transmits protected health information
on behalf of the business associate.»
(3) Business associate includes (iii) a subcontractor that creates, receives, maintains, or transmits protected health information
on behalf of the business associate.
Not exact matches
Prior to joining Cerberus, Mr. Neporent was an
associate and a partner in the
Business Reorganization and Finance Group at Schulte Roth & Zabel LLP, a New York City - based law firm, from 1986 to 1998, where he did extensive work
on behalf of Cerberus.
His Vice President mesmerised the whole world with his famous $ 15 million addressing system, his cousin, the Finance Minister sat in his room with his wife and
business associates and issued a $ 2.25 bond
on behalf of the people
of Ghana, his ministers are inflating cost
of projects in the name
of «typo error» and his cousins selling our oil like tomatoes
on Mallam Atta market.
Abby Eagle School
of Meditation does not lend or sell personal information to other organisations for marketing purposes, however we may at times provide a mailing list to a third party organisation to mail correspondence to you or to a
business associate on your
behalf.
And I asked him something
on behalf of several authors who have mentioned to me what I call the «friends and family problem»: writers who use
associates as early («beta») readers frequently find that people outside the
business (who can be your best gauges
of a non-publishing crowd's reaction) have trouble with plain MS format.
Customer agrees that: (i) BigTime is not acting
on Customer's
behalf as a
Business Associate or subcontractor; (ii) the Service may not be used to store, maintain, process, or transmit protected health information and (iii) the Service will not be used in any manner that would require BigTime or the Service to be compliant with the Health Insurance Portability and Accountability Act
of 1996, as amended and supplemented («HIPAA»).
TORONTO, Aug. 13 / CNW / — This is to announce that today the law firms
of Stevenson LLP and Bogoroch &
Associates have been instructed to commence a class action
on behalf of the representative plaintiffs, Giuseppina Santoro and Gianfrano (John) Santoro for damages sustained by the residents, homeowners and
business persons as a result
of the explosions which took place
on Sunday, August 10, 2008 at the premises
of Sunrise Propane Energy Group Inc..
«
On behalf of all Canadians, I'd like to extend our condolences to Ken Thomson's family, friends and
business associates.»
Business associates are individuals or organizations that perform certain services involving the use
of protected health information
on behalf of a HIPAA - covered entity.
OCR's investigation uncovered that North Memorial's
business associate had access to its hospital database containing electronic protected health information (e-PHI)
of more than 289,000 patients in order to perform payment and operations activities
on its
behalf.
As an
associate with Brown Law Group, Luis E. Lorenzana serves as counsel
on labor and employment law matters and
business litigation
on behalf of employers, companies, public agencies and municipalities.
Any attorneys who are communicating about health care information
on behalf of a client or even the «
business associate»
of a client themselves become
business associates under the act.
Response: Collection agencies and case managers are
business associates to the extent that they provide specified services to or perform functions or activities
on behalf of a covered entity.
However, a device manufacturer that does not provide «health care» must be a
business associate of a covered entity if that manufacturer receives or creates protected health information in the performance
of functions or activities
on behalf of, or the provision
of specified services to, a covered entity.
In addition, we have created an exception to the
business associate contract requirement for government agencies who perform functions
on behalf of other government agencies.
(H) Make its internal practices, books, and records relating to the use and disclosure
of protected health information received from, or created or received by the
business associate on behalf of, the covered entity available to the Secretary for purposes
of determining the covered entity's compliance with this subpart; and
(D) Ensure that any agents, including a subcontractor, to whom it provides protected health information received from, or created or received by the
business associate on behalf of, the covered entity agrees to the same restrictions and conditions that apply to the
business associate with respect to such information;
We note that there may be other instances in which a
business associate may combine or aggregate protected health information received in its capacity as a
business associate of different covered entities, such as when it is performing health care operations
on behalf of covered entities that participate in an organized health care arrangement.
(2) A covered entity participating in an organized health care arrangement that performs a function or activity as described by paragraph (1)(i)
of this definition for or
on behalf of such organized health care arrangement, or that provides a service as described in paragraph (1)(ii)
of this definition to or for such organized health care arrangement, does not, simply through the performance
of such function or activity or the provision
of such service, Start Printed Page 82799become a
business associate of other covered entities participating in such organized health care arrangement.
Similarly, authorizations requested by a
business associate on behalf of a covered entity to accomplish the disclosure
of protected health information to that
business associate or covered entity as described in § 164.508 (e) must meet the requirements
of that provision.
We do not consider a financial institution to be acting
on behalf of a covered entity, and therefore no
business associate contract is required, when it processes consumer - conducted financial transactions by debit, credit or other payment card, clears checks, initiates or processes electronic funds transfers, or conducts any other activity that directly facilitates or effects the transfer
of funds for compensation for health care.
For example, a
business associate performing a function under health care operations
on behalf of an organized health care arrangement would be permitted to combine or aggregate the protected health information obtained from covered entities participating in the arrangement to the extent necessary to carry out the authorized activity and in conformance with its
business associate contracts.
A covered entity that is undertaking payment activities
on behalf of different covered entities also may use or disclose protected health information obtained as a
business associate of one covered entity when undertaking such activities as a
business associate of another covered entity where the covered entities have authorized the activities and where they are necessary to secure payment for the entities.
(B) An attorney retained by or
on behalf of the workforce member or
business associate for the purpose
of determining the legal options
of the workforce member or
business associate with regard to the conduct described in paragraph (j)(1)(i)
of this section.
However, if the same provider maintains an account through which he / she cashes checks from patients, no
business associate contract would be necessary because the bank's activities are not undertaken for or
on behalf of the covered entity, and fall within the scope
of section 1179.
(ii) If a
business associate is required by law to perform a function or activity
on behalf of a covered entity or to provide a service described in the definition
of business associate in § 160.103
of this subchapter to a covered entity, such covered entity may disclose protected health information to the
business associate to the extent necessary to comply with the legal mandate without meeting the requirements
of this paragraph (e), provided that the covered entity attempts in good faith to obtain satisfactory assurances as required by paragraph (e)(3)(i)
of this section, and, if such attempt fails, documents the attempt and the reasons that such assurances can not be obtained.
Response: To the extent that a disease or case manager provides services
on behalf of or to a covered entity as described in the rule's definition
of business associate, the disease or case manager is a
business associate for purposes
of this rule.
The mere provision
of software to a covered entity would not appear to give rise to a
business associate relationship, although if the vendor needs access to the protected health information
of the covered entity to assist with data management or to perform functions or activities
on the covered entity's
behalf, the vendor would be a
business associate.
These oversight agencies are not performing services for or
on behalf of the covered entities and so are not
business associates of the covered entities.
We note that we do not consider a financial institution to be acting
on behalf of a covered entity, and therefore no
business associate contract is required, when it processes consumer - conducted financial transactions by debit, credit or other payment card, Start Printed Page 82505clears checks, initiates or processes electronic funds transfers, or conducts any other activity that directly facilitates or effects the transfer
of funds for compensation for health care.
The group health plan is not required to have a
business associate contract with the plan sponsor to disclose the protected health information or allow the plan sponsor to create protected health information
on its
behalf, if the conditions
of § 164.504 (e) are met.
A group health plan or health insurance issuer or HMO, or their
business associate on their
behalf, may perform such analyses for an employer customer and provide the results in de-identified form to the customer, using integrated data received from other insurers, as long as protected health information is not disclosed in violation
of this rule.
Three Crowns partners Luke Sobota and Jan Paulsson along with
associates Philipp Kotlaba, Kimberly Larkin, and E Jin Lee filed the brief
on behalf of the U.S. Chamber
of Commerce, the world's largest
business federation.
We note that, where a covered entity is acting as a
business associate of another covered entity, the
business associate covered entity is acting for or
on behalf of the principal covered entity, and its actions for or
on behalf of the principal covered entity are authorized by the consent obtained by the principal covered entity.
Response: As stated in § 164.504 (e)(2),
business associates are acting
on behalf of, or performing services for, the covered entity and may not, with two narrow exceptions, use or disclose protected health information in a manner that would violate this rule if done by the covered entity.
A provider could not circumvent these requirements by assigning the task to its
business associate since the
business associate would be considered to be acting
on behalf of the provider.
These changes, however, do not permit a covered entity to disclose protected health information to third parties for marketing (other than to a
business associate to make a marketing communication
on behalf of the covered entity) without authorization under § 164.508.
A covered entity may disclose protected health information to a
business associate, consistent with the other requirements
of the final rule, as necessary to permit the
business associate to perform functions and activities for or
on behalf of the covered entity, or to provide the services specified in the
business associate definition to or for the covered entity.
(I) At termination
of the contract, if feasible, return or destroy all protected health information received from, or created or received by the
business associate on behalf of, the covered entity that the
business associate still maintains in any form and retain no copies
of such information or, if such return or destruction is not feasible, extend the protections
of the contract to the information and limit further uses and disclosures to those purposes that make the return or destruction
of the information infeasible.
These changes mean that § 164.502 (e) requires a
business associate contract (or other arrangement, as applicable) not only when the covered entity discloses protected health information to a
business associate, but also when the
business associate creates or receives protected health information
on behalf of the covered entity.
While we permit uses or disclosures
of protected health information for a variety
of purposes,
business associate contracts or other arrangements are only required for those cases in which the covered entity is disclosing information to someone or some organization that will use the information
on behalf of the covered entity, when the other person will be creating or obtaining protected health information
on behalf of the covered entity, or when the
business associate is providing the specified services to the covered entity and the provision
of those services involves the disclosure
of protected health information by the covered entity to the
business associate.
For example, if a covered entity does not disclose or receive from its
business associate any protected health information and no protected health information is created or received by its
business associate on behalf of the covered entity, then the
business associate requirements
of this rule do not apply.
Similarly, where a physician or other provider has staff privileges at an institution, neither party to the relationship is a
business associate based solely
on the staff privileges because neither party is providing functions or activities
on behalf of the other.
For example, if a
business associate acts as the billing agent
of a health care provider, and discloses protected health information
on behalf of the hospital to health plans, the
business associate has no responsibility with respect to further uses or disclosures by the health plan.
Authorizations requested by a
business associate on the covered entity's
behalf and that authorize the use or disclosure
of protected health information by the covered entity or the
business associate must meet the requirements in § 164.508 (d).
Response: The final rule retains the general requirement that, subject to the exceptions below, a covered entity must enter into a
business associate contract with another covered entity when one is providing services to or acting
on behalf of the other.
As you look through your contact list, think about the types
of positions in which certain
business associates might assert themselves best
on your
behalf and separate them into buckets.
• Organized potential clients» list by determining and marking solid leads • Made telephone calls to potential clients and scheduled meetings
on behalf of business development
associates • Assisted marketing teams in creating presentations and marketing materials • Provided support in writing proposals and marketing literature • Responded to clients» queries in person, over the telephone and through email tickets