HIPAA and Health IT – What You Need to Know as a Business Associate

This training program will highlight the HIPAA Security and Privacy Rules and analyze the consequences of being a business associate. It will also examine what a HIPAA compliance program and a HIPAA risk management plan entail.

As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate can be any organization or person working in association with or providing services to a covered entity that handles or discloses Protected Health Information (PHI) or Personal Health Records (PHR). With certain exceptions, a person or entity that creates, receives, maintains, or transmits PHI for a function or activity regulated by the HIPAA Privacy Rule for a covered entity is a business associate.

The HITECH Act, a recent update made to overall HIPAA regulations require business associates to comply with HIPAA mandates regarding the handling and use of health information. As a business associate, you must comply with a wide-range of regulatory obligations, including certain privacy obligations, security standards, and breach notification requirements.

If your business needs to understand what it means to be a business associate and know what required safeguards, policies and procedures must be in place or make sure your current compliance program is adequate and can withstand government scrutiny, join us for this informative and interactive session.

Areas Covered in the Session :

  • Why was HIPAA Created?
  • Who Must Comply With HIPAA Requirements?
  • What are the HIPAA Security and Privacy Rules?
  • What are the Consequences of Being a Business Associate?
  • What is a HIPAA Compliance Program?
  • What is a HIPAA Risk Management Plan?
  • What is a HIPAA Risk Assessment?
  • What is the Role of the HIPAA Security Official?
  • What are HIPAA Training Requirements?
  • What is a HIPAA Data Breach and What Happens if it Occurs?
  • What are the Penalties and Fines for Non-Compliance and How to Avoid Them?
  • Case Examples of HIPAA Data Breaches
  • Creating a Culture of Compliance
Who Will Benefit:

  • HIPAA Privacy Officer
  • HIPAA Security Officer
  • Health Information Technology Vendors and Staff
  • Vendor of Personal Health Records
  • Information Systems Manager
  • Chief Information Officer
  • General Counsel/lawyer
  • Office Manager
  • Third party administrators that assist health plans with claims processing
  • CPA firms whose accounting services to a healthcare provider involve access to protected health information
  • Pharmacy benefits managers that manages a health plan’s pharmacist network
  • Consultants that perform utilization reviews for hospitals


Jay Hodes

Jay Hodes is President of Colington Security Consulting, LLC, which provides HIPAA consulting services for healthcare providers and business associates. Mr. Hodes has over 30 years of combined experience in risk assessments, site security evaluation, regulatory compliance, policy and procedures assessments, and Federal law enforcement management. He is the former Assistant Inspector General for Investigations at the U.S. Department of Health and Human Services.

Mr. Hodes has been the keynote speaker and provided presentations regarding HIPAA compliance to a number of professional healthcare organizations. He has published over 25 educational articles regarding HIPAA compliance, been featured in Part B News articles and provided a guest post in the Electronic Health Reporter.



  • Login Information with Password to join the session, 24 hours prior to the webinar
  • Presentation Handout in .pdf format
  • Presentation from the Speaker
  • Feedback form
  • Certificate of Attendance
  • Recording access Information with Password to view the webinar, will be sent 24 hours after the completion of the Live webinar.
  • Presentation Handout in .pdf format
  • Certificate of Attendance