With stronger HIPAA privacy and security requirements now in effect, health care providers need to ensure that their information technology vendors and their business associates understand and are compliant with the provisions.

Larger vendors understand, but many smaller ones may not--and hospitals often contract with small local vendors, particularly shredding firms, notes Nancy Davis, privacy officer at 15-hospital Ministry Health in Milwaukee, serving parts of Wisconsin and Minnesota. And that could cause trouble when the HHS Office for Civil Rights starts auditing business associates as expected in 2014.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access