I don't think vendors should write agreements. I represent a hospital that is getting a lot of agreements from vendors. I say this with strong conviction, I do not want to sign vendor agreements. I think that if I've given you access to my patient information, you should sign my agreement. After all, its my information and I'm responsible for it. Furthermore, you are not a covered entity and you are not required by law to have an agreement. Do you have a Notice of Privacy Practice? Of course not, but why would you follow part of the law and not all of it? I wonder if I'll have this same strong conviction when JCAHO sends me their agreement. Thanks, Leslie Harpe South Georgia Medical Center Valdosta, GA 31605 [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-----Original Message----- From: Ian Leedom [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 12:23 PM To: WEDI SNIP Privacy Workgroup List Subject: RE: to sign or not to sign I also represent a software vendor in a similar situation. Our take has been that we must have Business Agreements (BA) with the CE's simply because we have access to PHI. It also means that at some level, we need to know who has in fact accessed things and when. I think that the fact that you have access to a DB which has PHI in it is enough to trigger all of the privacy rule in HIPAA . My problem, and I'd love to hear from others about this, is what sort of BA we should in fact have. We have enough clients that if we send every agreement from every client to our corporate attorneys then we'll be bankrupt before April. And you're right that some clients want indemnification for things which are THEIR business and for us to keep data even after a business contract has ended. If anyone has any to add to this, I for one would love to hear it. Ian Leedom Psyche Systems 321 Fortune Blvd. Milford, MA 01757 Tel: (508) 473-1500 x341 Compliments humbly accepted. Flames cheerfully ignored. -----Original Message----- From: Jim Randolph [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 11:39 AM To: WEDI SNIP Privacy Workgroup List Subject: RE: to sign or not to sign Let me carry this a step further. We are a software vendor that has received BACs, TPAs and Chain of Trust agreements from different customers. As a vendor to this particular customer base we are exposed to PHI but never manipulate it in any way. Our support personnel do review setup configurations, billing problems or DB issues; but don't do anything to PHI. Attorneys and consultants are advising our customers so differently that no matter what, we end up being "the evil vendor." Some of the BACs we receive are rather ridiculous, like requiring us to assume financial liability if our customer has any HIPAA problems in the future. The question for the group is: What is required in this scenario a BAC, TPA or COT? Jim Randolph The Echo Group -----Original Message----- From: Traci Winter [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 22, 2003 3:49 PM To: WEDI SNIP Privacy Workgroup List Subject: to sign or not to sign OK so the next question is do we sign these BACs or just put them in the round file. Your answers reflected what my impression was, but I wanted reinforcement. Thanks, Traci Winter --- --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [email protected] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
