Peter, Yes, I agree. There may actually be some �possible harm� in executing a BAC with the janitorial service. For example, a HIPAA-compliant BAC would document that the janitorial service is responsible for using PHI on behalf of the CE, an activity that is clearly NOT intended.
It would probably be preferable to engage the janitorial service in a general business contract that contains a �confidentiality� clause as well as some language that defines how the workers will be trained/educated and supervised in their �privacy� responsibilities. I hope that this helps. Your questions are always welcome. Matt Matthew Rosenblum Chief Operations Officer Privacy, Quality Management & Regulatory Affairs CPI Directions, Inc. 10 West 15th Street, Suite 1922 New York, NY 10011 (212) 675-6367 [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this communication in error, please do not distribute it. Please notify the sender by E-Mail at the address shown and delete the original message. Thank you. AVISO DEL CONFIDENCIALIDAD: Este email es solamente para el uso del individuo o la entidad a la cual se dirige y puede contener informaci�n privilegiada, confidencial y exenta de acceso bajo la ley aplicable. Si usted ha recibido esta comunicaci�n por error, por favor no lo distribuya. Favor notificar al remitente del E-Mail a la direcci�n mostrada y elimine el mensaje original. Gracias. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 12:45 PM To: Matthew Rosenblum; [EMAIL PROTECTED] Subject: RE: Unlocked charts Matt, You might consider that a janitorial service is really not a business associate because although it may perform a function on behalf of a covered entity, PHI is not or should not be disclosed to it for the purpose of performing its janitorial functions. Any disclosure to the service would be incidental to an authorized use or disclosure or an accident and something that a covered entity should seek to avoid. Peter ************************************************ Peter B. Goldstein Cap Gemini Ernst & Young, US LLC 9781 E. Meridian Blvd, Suite 220 Englewood, CO 80112 (720) 568-4323 (Direct) (303) 885-1492 (Cell) (413) 740-0512 (Facsimile) cap comm: 657 4653 [EMAIL PROTECTED] ************************************************ ______________________________________________________________________ This message contains information that may be privileged or confidential and is the property of the Cap Gemini/Ernst & Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
