Many times, the answer to this question is ‘yes’. All too often, healthcare providers fail to fully vet their vendors and mitigate risks through their contracts and internal safeguards.
We can help your practice get up to date and prepared to minimize breach risks from third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
In the last six months of 2020, almost 75% of reported breaches were tied to third-party business associates.
It’s no secret that modern medical practice relies on many business associates and data management vendors, especially with the increase in electronic protected health information (e-PHI). It is essential to make sure that your vendors are protecting your data and your patients’ data.
How can you ensure your data is protected?
First, a good contract is essential to protecting you from HIPAA breach liability. Aside from detailing the work to be performed and the payment terms, your vendor contracts should also cover topics such as:
- What due diligence should be performed;
- How often a vendor’s security performance should be monitored;
- How audits should be performed; and
- How the data is actually secured and protected.
We help our clients negotiate effective vendor contracts and Business Associate Agreements to reduce liability for the healthcare provider.
With healthcare breaches on the rise, it is more important than ever to ensure that your data is secure.
Vendors should be able to tell providers what measures are in place to protect data. They should have strong technical controls, along with strong procedural controls.
Procedural controls include custom code, custom programming, and ensuring that the code and programming are from the same standards that you have.
Your Business Associate Agreement should also protect your data.
Make sure you keep your Business Associate Agreements updated as your practice needs evolve.
Business Associates are directly liable for breaches to the same extent as covered entities, but your Business Associate Agreement needs to clearly set out their liability.
We can help draft and negotiate your vendor contracts and Business Associate Agreements. Contact us today!
We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, click here to Subscribe.
Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors? We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs: CLICK HERE.