Educause Security Discussion mailing list archives
Re: HIPAA Business Associate/Identity Theft Prevention Agreement
From: "Don M. Blumenthal" <don () DONBLUMENTHAL COM>
Date: Mon, 22 Feb 2010 14:15:19 -0500
I've done Red Flag work and serve, among other things, as chief compliance officer for a company in the PHR space. Whether the requests are reasonable depends on a lot of factors that aren't clear from the message and fundamentally are legal decisions. I'd suggest checking with counsel. Don ====================== Don M. Blumenthal DMB Associates, LLC Technology, Policy, and Law (734) 997-0764 (202) 431-0874 (m) don () donblumenthal com www.donblumenthal.com From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steven Bourdon Sent: Monday, February 22, 2010 1:44 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] HIPAA Business Associate/Identity Theft Prevention Agreement Hello All, I just received an agreement from a local hospital requesting we sign as a "business associate" under HIPAA and "service provider" for FTC Red Flag Rules. Other than a nursing program with student clinical rotations performed at local hospitals we don't deal with protected health information on campus. This is a new area for me so I'm curious if others have signed similar agreements for their health programs with local health providers for student clinical activities. Thanks, Steven M. Bourdon, CISO South Texas College
Current thread:
- HIPAA Business Associate/Identity Theft Prevention Agreement Steven Bourdon (Feb 22)
- <Possible follow-ups>
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Ken Connelly (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Valdis Kletnieks (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Don M. Blumenthal (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Lorenz, Eva (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Chris Kidd (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Steven Bourdon (Feb 23)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Jansen, Morgan R. (Feb 23)