To embed, copy and paste the code into your website or blog:
The HIPAA privacy and security rules impose significant requirements on covered entities and their business associates; violations may result in penalties ranging from $119 to $59,522 per violation. (45 CFR § 160.404; 45 CFR § 102.3; 85 FR 2879). “Business associates” are generally those entities that create, receive, maintain or transmit protected health information (“PHI”) on behalf of a covered entity (45 § CFR 160.103, definition of
business associate); thus, most entities that handle data for healthcare providers or their business associates will become business associates and subject to HIPAA requirements, including data storage, data transmission, and cloud services providers unless an exception applies.