A recent study of privacy breaches reported to the U. S. Office of Civil Rights revealed, that a majority of those breaches occurred at the Business Associate level. Covered Entities can be held liable for the breaches of their Business Associates. This, coupled with increased enforcement efforts of the Office of Civil Rights, is leading healthcare organizations to seek solutions for mitigating their risk of privacy breaches from their Business Associates.
Medical Risk Institute is proud to offer an Business Associate Accreditation Program™ (BAAP) for vendors that work with Covered Entities and Protected Health Information (PHI). Through our proprietary BAAP, we assist businesses in demonstrating compliance with HIPAA and the HITECH Act. Our program uses a seven step process and is designed to proactively decrease the risk of breaches to patients’ protected health information.