Donna Grindle knows that having a business arrangement agreement between a healthcare provider and their business associate is very important for clearly defining the responsibilities of both parties.
But many healthcare providers, business owners, and vendors don’t get this right!
Donna shares her observations on HIPAA violation trends from the United States so that healthcare providers and vendors in Canada can prevent similar experiences and avoid massive fines and penalties.
Donna Grindle is my guest expert on Practice Management Nuggets For Your Healthcare Practice.
Donna Grindle's #1 Tip to healthcare providers and vendors
- Healthcare privacy and security regulations are more similar than different.
- Educate as many people as possible about the importance of privacy and cybersecurity.
- Don't assume that you don't have to ask questions.
- Privacy is a civil right.
- Under HIPAA, any business that provides a service to covered entities (healthcare providers) that requires them to have access to protected health information is then considered a business associate (BA).
- BAs are separately and equally liable to protect patient information.
- You must have a written agreement between your vendors and your healthcare providers that describes how you will protect patient health information. If you disclose personal information without a written agreement, you are breaking the law.
- BAA / IMA must include a liability clause.
- Tips: Healthcare Provider Selecting A Vendor
- Tips: Vendor Selecting A Healthcare Client
- Cybersecurity insurance
Featured Guest: Donna Grindle
Founder & CEO Kardon and
Co-Host Help Me With HIPAA Podcast
Donna brings over 30 years of experience in healthcare IT, which is the solid foundation of Kardon’s HIPAA privacy and security consulting. Donna stays busy with speaking engagements, the weekly Help Me With HIPAA podcast, and managing a business with a growing client list. Donna’s sense of humor and southern charm spill out into everything she does.