I would like to submit an important thought about Business Associate agreements.
While the rule allows an extra year to have the BA agreement in place with the required clauses, I have talked with several attorneys that offer a unique perspective: That the covered entity becomes liable for the business associate's actions from April 14th, 2003. In other words, you don't HAVE TO HAVE the agreement executed by the deadline per the rule, BUT the rule still holds the CE to the letter of compliance, which includes disclosures and privacy by all sub-contractors from DAY ONE! It appears to me and those I've discussed this with, that this gives both flexibility, and creates a trap of liability. You can be conforming with the BA agreement requirements, yet fail under disclosure or other privacy requirements. So we have been pursuing the development of a rider or attachment agreement to cover the Privacy rule requirements overall for the BAs, while letting the full BA agreement to be handled in due course within the extended time line. This strategy appears to correct the trap. So my recommendation if spend the next 6 months and get the BA agreements done, or at least get an addendum or attachment executed for safety. I would be interested in discussion on this. Tim McGuinness, Ph.D. Consulting Specialist in Regulatory Privacy, Security, and Application Compliance (HIPAA/ASCA/FDA/CMS-HCFA/ICH/ADA 508c), [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> President, HIPAA Help Now Inc. [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> www.hipaahelpnow.com <http://www.hipaahelpnow.com/> Executive Co-Chairman for Privacy, HIPAA Conformance Certification Organization (HCCO) www.hipaacertification.org <http://www.hipaacertification.org> __________________________________________________________________ Phone: 727-787-3901 Cell: 305-753-4149 Fax: 240-525-1149 Instant Messengers: ICQ# 22396626 - MSN IM: [EMAIL PROTECTED] - Yahoo IM timmcguinness - AOL IM: mcguinnesstim __________________________________________________________________ =========================================================================== IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed. If you are not the intended recipient, please notify the sender at once, and you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited. Nothing in this email, including any attachment, is intended to be a legally binding signature. -----Original Message----- From: Grimes, Colleen [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 19, 2002 8:17 AM To: [EMAIL PROTECTED] Subject: Business Associate Agreements Hope someone can give me feedback regarding any MCO's plans on executing business associate agreements. With the year extension that was provided, I was curious what payers timelines are for executing their BA agreements. Has anyone executed their BA agreements or are MCO's delaying until next year? What would be your rationale for either delaying or executing had the date had not been extended? Thanks, Colleen Grimes Colleen Grimes AVP, HIPAA Compliance 757-473-2737 X3115 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited.
BEGIN:VCARD VERSION:2.1 N:McGuinness;Tim;;;Ph. D. FN:Tim McGuinness Ph. D. ORG:HIPAA Help Now Inc. TITLE:President TEL;WORK;VOICE:(727) 787-3901 TEL;CELL;VOICE:(305) 753-4149 TEL;WORK;FAX:(240) 525-1149 ADR;WORK;ENCODING=QUOTED-PRINTABLE:;;Corporate Office:=0D=0A1920 East Hallandale Blvd., Suite 600,;Hallandale B= each;Florida;33009;United States of America LABEL;WORK;ENCODING=QUOTED-PRINTABLE:Corporate Office:=0D=0A1920 East Hallandale Blvd., Suite 600,=0D=0AHallandal= e Beach, Florida 33009=0D=0AUnited States of America ADR;POSTAL;ENCODING=QUOTED-PRINTABLE:;;Tampa Bay Office:=0D=0A687 First Court;Palm Harbor;Florida;34684;United St= ates of America LABEL;POSTAL;ENCODING=QUOTED-PRINTABLE:Tampa Bay Office:=0D=0A687 First Court=0D=0APalm Harbor, Florida 34684=0D= =0AUnited States of America URL;WORK:http://www.hipaahelpnow.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] EMAIL;INTERNET:[EMAIL PROTECTED] REV:20020906T095704Z END:VCARD ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited.
