Information Managers

Why You Need To Get The Right Agreements With Your Vendors

Posted on February 4, 2020 by Jean Eaton in Blog

Donna Grindle knows having a business arrangement agreement between a healthcare provider and their business associate is very important in defining clearly the responsibilities of both parties.  

But, many healthcare providers, business owners, and vendors don’t get this right!

Donna shares her observations on HIPAA violation trends from the United States so that healthcare providers and vendors in Canada can prevent similar experiences and avoid massive fines and penalties.

Donna Grindle is my guest expert on Practice Management Nuggets For Your Healthcare Practice.

Donna Grindle's #1 Tip to healthcare providers and vendors

Don’t assume. Ask questions!

My Favorite Takeaways From The Podcast

  • Healthcare privacy and security regulations are more similar than different.
  • Educate as many people as possible about the importance of privacy and cybersecurity.
  • Don't assume that you don't have to ask questions.
  • Privacy is a civil right.
  • Under HIPAA, any business that provides a service to covered entities (healthcare providers) that requires them to have access to protected health information is then considered a business associate (BA).
  • BAs are separately and equally liable to protect patient information.
  • You must have a written agreement between your vendors and your healthcare providers that describes how you will protect patient health information. If you disclose personal information without a written agreement, you are breaking the law.
  • BAA / IMA must include a liability clause.
  • Tips: Healthcare Provider Selecting A Vendor
  • Tips: Vendor Selecting A Healthcare Client
  • Cybersecurity insurance

Featured Guest: Donna Grindle

Founder & CEO, Kardon, and Co-Host, Help Me With HIPAA Podcast

Donna brings over 30 years of experience in healthcare IT, which is the solid foundation of Kardon’s HIPAA privacy and security consulting. Donna stays busy with speaking engagements, the weekly Help Me With HIPAA podcast, and managing a business with a growing client list. Donna’s sense of humor and southern charm spill out into everything she does.

Be sure to tune in to my interview with Donna Grindle,

What Healthcare Practices Should Know About Vendor Vetting And Accountability | Episode #085

Listen To The Podcast Here
#PracticeManagementNugget, BAA, business associate agreement, Donna Grindle, healthcare, HIA, HIPAA, IMA, information manager agreement, podcast, privacy compliance, vendor vetting

Data Privacy Day 2018 Events for You!

Posted on January 14, 2018 by Jean Eaton in Blog

Data Privacy Day is an internationally recognized day dedicated to creating awareness about the importance of privacy and protecting personal information.

Information Managers Ltd is a Data Privacy Champion!

As a DPD Champion, Information Managers recognizes and supports the principle that organizations, businesses, and government all share the responsibility to be conscientious stewards of data by respecting privacy, safeguarding data and enabling trust.

“Each of us is responsible to manage our name and our identity. When you share your personal information, you have the right and responsibility to ask the person or business why they need the information and how they will protect your personal information.”

 Jean L. Eaton, Your Practical Privacy Coach of Information Managers Ltd.

Data Privacy Day Activities

“How to Hire a Business Associate With Confidence”

What Healthcare Providers Need to Know about Business Associate Agreements and Information Manager Agreements

To celebrate Data Privacy Day, Information Managers is hosting a free 30-minute webinar with guest expert Kimberly Shutters, BCS, founder and CEO of HIPAA alli, on Tuesday, January 23.

Health care providers are responsible to know how their business associates secure protected health information.

But, how do you select, monitor, and demand high standards from your vendors and business associates?

In this Privacy Nugget Webinar Kimberly Shutters of HIPAA alli and Jean Eaton will discuss frequently asked questions about Business Associate and Information Manager Agreements.

The healthcare provider is responsible for the privacy, confidentiality, integrity, availability, and security of personal protected health information (PHI), regardless of where the information is kept and whom you have authorized to create, receive, maintain, and transmit the PHI.

Health care providers and business associates need to work together to protect health information.

Make sure your business associates are not putting you at greater risk of a privacy and security breach, penalties, sanctions, and even jail!

Join the discussion on Information Management Agreements, Information Sharing Agreements, and Business Agreements in healthcare.

Kimberly Shutters is a powerful advocate for HIPAA Privacy, Security, and Breach compliance activities for health care entities and business associates.

The mission of her consulting practice, HIPAA alli, is to ensure that her clients understand how their daily activities impact the privacy and security of their patients’ Protected Health Information (PHI).

Along with your registration for the event, you'll also receive occasional PRIVACY NUGGETS emails designed to provide you with tips, tools, templates, and training that you can use right away!


“Talk Shop – Protect Your Business from Information Breaches”

Jean Eaton is a guest on Lauren Sergy’s “Talk Shop” YouTube channel.

Talk Shop, hosted by Lauren Sergy (@lsergy): learn from industry experts to be a better communicator in work and in life. Privacy tips for business owners, just in time for Data Privacy Day!


I Heart Privacy!

Just in time for Data Privacy Day!

Print badges for your team.

Right-click the image and select ‘Save As' to download it, then insert the image into your favourite templates to make badges, stickers, or labels.

Or, use the done-for-you sheet of labels that you can print right away and slip into badge holders or print to stickers or labels.

I Heart Privacy DPD Badges      I Heart Privacy Badges

You can even customize the labels and add your business name!

Privacy is good for business

“Data Privacy Day Forum in Edmonton”

Alberta’s Office of the Information and Privacy Commissioner (OIPC) is hosting a free event on Monday, January 22, including topics on artificial intelligence and big data. Register at https://www.oipc.ab.ca/.

Follow Us On Social Media!

Each day from Jan 22 – 28, we will have daily privacy tips and free links to additional resources on our social media accounts that you can download right away! Follow us!

Twitter

 

 

Stay Safe Online

For more information about how to get involved in Data Privacy Day and the Champions program, visit https://staysafeonline.org/dpd. You can also follow the campaign on Twitter at @DataPrivacyDay or Facebook at https://www.facebook.com/DataPrivacyNCSA and use the official hashtag #PrivacyAware to join the conversation.


#DataPrivacyDayHealthcare, business associate agreement, Data Privacy Day, Data Privacy Day Champion, Data Privacy Day Edmonton, information management agreement

IT Vendor Privacy Impact Assessment Readiness Plan

Posted on January 9, 2016 by Jean Eaton in Blog, Vendor

New healthcare business needs an IT solution and asks if you have a PIA (what are you going to do about it?)

Healthcare practices throughout Canada and the US need IT services and have money to buy new hardware and service contracts. They also need a Privacy Impact Assessment and want to work with a vendor who is PIA prepared.

You don’t want to lose that sale, do you?

Learn what the healthcare business needs to successfully complete their Privacy Impact Assessment. Develop your own responses and move to the top of their preferred vendors list.

I have developed an on-line interactive course to help you learn everything you need in order to create, review, or amend your own Privacy Impact Assessment Readiness plan. The E-course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course, includes 5 modules, each with a weekly live webinar, as well as templates, tools, resources, and one common case study to build on each week.

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course will help you

  • Understand the Privacy Impact Assessment process and the healthcare client needs
  • Organize your business marketing to meet the healthcare client's requirements
  • Be informed
  • Be proactive
  • Improve your internal business documentation
  • Be efficient and reduce the administration delays between procurement and installation
  • Create a branded Privacy Impact Assessment Readiness plan to give to that caller and get the sale.

Let the Practical Privacy Coach help you!

 Video by Trish Findlay – explaindiowhiz on Fiverr

If you are a vendor that supports healthcare practices this e-course is for you!


BONUS! One hour tele-consult with Jean, “Create a branded Privacy Impact Assessment Readiness Package”. Jean will work individually with you to review your documentation and coach you on how to prepare the package to give to healthcare practices.

BONUS! Vendor PIA live webinar includes Vendor non-disclosure agreement, Information Manager Agreement, GAP Analysis, Computer Network Narrative templates.

 

The modules include:

  • Module 1: What is a PIA? Tuesday, January 12, 2016, 9 - 10 am MST
  • Module 2: What is an Information Flow? Tuesday, January 19, 2016, 9 - 10 am MST
  • Module 3: What is a Risk Analysis? Tuesday, January 26, 2016, 9 - 10 am MST
  • Module 4: Pull it together into PIA format. Tuesday, February 2, 2016, 9 - 10 am MST
  • Module 5: Complete your PIA Submission. Tuesday, February 9, 2016, 9 - 10 am MST
  • BONUS Module 6: Vendor PIA. Tuesday, February 16, 2016, 9 - 10 am MST

The replays, tools, and resources will be available to you for (almost) forever! If you miss a live webinar, or you will be away for some time during the course, you can catch up with the replays. The resources are yours to keep.

BONUS! Three (3) open office drop-in group calls with Jean to help you get un-stuck with your PIA.


If you provide services for any of these healthcare providers, they probably require a PIA and they require their vendors to support their PIA and privacy, confidentiality, and security best practices. This is for you if you are a vendor that supports a healthcare provider in a group or solo practice with direct patient care, for example a:

  • Physician
  • Pharmacist
  • Registered nurse
  • Optometrist or optician
  • Chiropractor
  • Physiotherapist
  • Midwife
  • Podiatrist
  • Dentist, dental hygienist or denturist
  • Audiologist
  • Mental health practitioner
  • Laboratory, x-ray, and imaging technician
  • Paramedic

Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course

5 live webinars, replays, templates, tools, and resources

$450.00 (plus GST)


You will get

  • Learning Resource Guide for EACH module – how-to explanations, templates, and resource lists
  • Checklists to help you plan your PIA
  • MindMap of the entire PIA process
  • PIA project plan timeline templates
  • Checklists of personal and health information privacy and security policies that you need in your practice
  • Two sample case studies – one for a new PIA project and one for a PIA amendment – that we will use in each module. The case study is easy to understand by everyone. Use this approach for your PIA project.
  • Explanation and real-life examples of key terms that you need to know and include in your PIA
  • Strategies and templates of risk management assessments that you can customize
  • This E-course might qualify for CPE credits, too!

BONUS!  Three (3) open office drop-in group calls with Jean to help you get un-stuck with your PIA.

BONUS! Checklist to update your PIA to meet recent changes to Alberta's Netcare Portal.

BONUS! Invitation to join a private LinkedIn Group with other registered participants of this course to network and support each other on your PIA journey and continue to help you after this course closes.

If you hired a consultant to do the work of the PIA process for you it may cost you as much as $2,000!

And then…when the consultant is done, they take their knowledge out the door with them.

Invest only $450 in this course and you'll have what you need to do your first PIA project today…and every project in the future!

Not sure if this is right for you?

How to Plan a PIA for Your Healthcare Practice – Practice Management Nugget webinar recorded live on December 3, 2015

 

Watch the replay here!

 

Watch the Preview of the E-Course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments.

Preview the E-Course here!

In this preview, Jean will tell you:

  • 3 Biggest Myths about PIAs (and why they are not true)
  • Questions Privacy Officers, Clinic Managers, and Practice Managers should ask about PIAs but don't
  • Biggest fears about doing a PIA

Jean will share with you the Solution: Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course.

You will learn:

  •  5 Modules of the E-course
  •  What you get with the course
  •  Why you should buy the course now

 


Complimentary access to the on-line course Privacy Awareness in Healthcare: Essentials ($25 value) from our partner, Corridor Interactive, when you purchase the E-course. One user subscription with access to the course for 3 months. Start this training now – a valuable introduction to Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A Complete Step-by-Step Course.


– Jean, Your Practical Privacy Coach

business associate agreement, GAP Analysis, information management agreement, PIA, Privacy Impact Assessment, vendor non-disclosure agreement


 

It is a rare privilege to work with an authentic expert who fulfills their role of consultant and coach with curiosity and respect for the specific nature of their client's unique enterprise. Jean Eaton was always prepared, sat every meeting on time, listened to an endless barrage of questions and answered every one with patience, grace, and wise counsel. The end product Information Managers Ltd provided ECHO Health was exceptional; their ongoing support will be a large measure of our success going forward. I highly recommend their services.

- Dr. Gregg Trueman-Klein, NP, ECHO Health


Copyright 2023 Information Managers Ltd.
