Q. My facility offers telehealth services as an originating site. Is the distant site acting as a BA in these situations? Is my facility responsible for ensuring the distant site is in compliance with the Security Rule?
There are many questions out there about what a managed service provider (MSP) should do for covered entities and business associates. There are different flavors of MSPs out there; therefore, it’s important to think about what your MSP will do for you and how to spot an MSP that may not be a good fit for your organization.
A ransomware attack launched May 12 crippled systems around the world and raised questions about the healthcare industry’s ability to withstand a massive cyberattack.
Q: Is a covered entity required to see a copy of a business associate’s risk management and security plan? Do we need to have a copy of this in our files?
Compiling the statistics for insider threats to patient privacy is easy. It’s the mitigation of these risks that takes time, strategy, and commitment. According to the January 2017 Protenus Breach Barometer, internal health system employees were responsible for 58.4% of breached patient data during January 2017.
