HIPAA compliance for business associates


I went to a networking event for healthcare startups in Sunnyvale recently and was surprised by what I learned. The event was well attended and it featured pitches from three startups, followed by keynote speaker Casper De Clercq of Norwest Venture Partners. While the keynote speaker was very informative, what stuck out most in my mind that evening was a likely HIPAA violation that one of the startup speakers referenced during his pitch.

HIPAA Compliance for Business Associates and their Subcontractors

Without going into too much detail about the nature of his startup, one of the speakers that night mentioned something along the lines of, “our code is on a shared server that I give my developers access to.” Whoa! I couldn’t believe what I had just heard. From a HIPAA compliant email viewpoint, let’s take a look at why this was so shocking to me:

  • Who else has access to the shared server?
  • He had already mentioned his developers were subcontractors, so the question arises: have those subcontractors signed Business Associate Agreements with his startup?

As we previously covered in a post about the HIPAA Privacy Rule for Business Associates, subcontractors who come into contact with protected health information when doing work for a Business Associate (BA) are themselves considered Business Associates. In other words, these subcontractors are required by law to sign a Business Associate Agreement with the BA that has hired them. And as we also covered in a post about Business Associate Agreement Provisions, every BAA must contain, at a minimum, 10 provisions. In short, the Business Associate Agreement has some serious teeth to it: it’s required by law and it should not be taken lightly.

Choose a Technology Partner that adheres to HIPAA Regulations

If you are a covered entity, a BAA is a must for any technology partner that handles PHI for you. Insist that all of your Business Associates sign such an agreement with you. Here at Paubox, we have a Business Associate Agreement ready for your review and signature. Contact us today to get started.


About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.
