HIPAA Security and Vendors | [node:field-byline] | Healthcare Blogs Skip to content Skip to navigation

HIPAA Security and Vendors

December 1, 2007
by Reece Hirsch
| Reprints

One trend that I'm seeing in my practice representing healthcare information technology companies is an increased focus on applying the HIPAA Security Rule standards to vendors. Â A HIPAA business associate agreement is required to contain relatively sketchy representations regarding "reasonable and appropriate" vendor security measures. Â For application service providers and other vendors that maintain significant quantities of protected health information, some HIPAA covered entities are beginning to seek much more detailed security representations that amount to compliance with the Security Rule. Â For vendors, this sort of approach can seem burdensome and overly prescriptive. Â For HIPAA covered entities, the approach is intended to ensure that security protections are not diminished when data is in the hands of vendors. Â In any event, it is a negotiation that many healthcare technology companies are faced with ....

The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


See more on