Q: The hospital where I work entered into a business associate agreement (BAA) that requires the business associate (BA) to notify us of a potential breach no more than 60 days after it is discovered.
It's one of the most common questions privacy and security officers ask, and one I hear frequently myself: "How can I prepare for HIPAA compliance?"
It's time for your organization to begin its risk assessment--do you know where your PHI is?
Tips from this month's issue
A look at encryption, breaches, and policies
