Matt -- Thanks for the update. I have a couple of suggestions. First, I
hope you understand that I participate in this list because, as an
attorney, I represent covered entities and business associates. As an
attorney and a business associate, I emphasize with the struggles that
covered entities
I apologize for redundancy if this has already been addressed
I wonder if anyone can point me to a resource that indicates how a BAA might
be structured if both entities are a covered entity? For instance, in the
case of an agreement between a clearinghouse and provider. Should the
Title: RE: Another thread on Security/Privacy question
Roy,
I would agree with your conclusions with
regard to HIPAA but you will probably none the less need a privacy agreement
with the collections agency not to disclose or sell credit card information. The
FTC does not look too