The "Health Information Technology for Economic and Clinical Health Act" ("HITECH Act") was signed into law on February 17, 2009 and takes effect February 17, 2010. It expands HIPAA privacy and security regulations. The two most important changes in the HITECH Act for business associates of HIPAA covered entities are (a) requirement that business associates comply directly with Security Rule provisions directing implementation of administrative, physical and technical safeguards for electronic protected health information and (b) expanded breach notification rules for both covered entities and their business associates.
This agreement is intended to work as a side agreement or collateral agreement to an existing or pending contract with a Business Associate that deals solely with HIPAA privacy issues. It is not intended to be the complete and final written expression of a services agreement between a health care provider and a contractor.
The Kansas Rider or Collateral Agreement to HIPAA Privacy Compliance Agreement for Business Associates HITCHCH Act is a legal document that outlines the specific requirements and obligations of business associates in Kansas in relation to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and the HITCH Act. The agreement serves as an addendum or supplement to the standard HIPAA Privacy Compliance Agreement for Business Associates. It ensures that business associates based in Kansas comply with the additional state-specific regulations and safeguards. This custom agreement addresses various aspects of HIPAA compliance within the state, providing a comprehensive framework for protecting individuals' protected health information (PHI) and adhering to legal requirements. It includes provisions for privacy, security, breach notification, and individual rights, among others. Specifically, the Kansas Rider or Collateral Agreement entails: 1. Privacy Safeguards: This section details the policies and procedures that business associates in Kansas must implement to safeguard PHI. It emphasizes the importance of limiting PHI access to authorized personnel, ensuring proper storage and disposal methods, and implementing necessary technical and physical safeguards. 2. Security Measures: This part outlines the specific security measures that need to be employed to protect electronic PHI (phi). It includes requirements for encryption, secure access controls, audit logs, data backup, and disaster recovery planning. 3. Breach Notification: This section outlines the procedures that business associates must follow in the event of a breach of unsecured PHI. It provides guidelines for prompt breach discovery, assessment, and notification as required by both federal and state laws. 4. Individual Rights: The Kansas Rider extends the rights of individuals regarding their PHI. It ensures that business associates allow for individual access to their records, enable amendments to incorrect information, and provide an accounting of PHI disclosures as mandated by HIPAA. 5. Business Associate Obligations: This clause stipulates the obligations of business associates, including the requirement to enter into agreements with subcontractors that handle PHI and the need for proper workforce training on HIPAA compliance. Types of Kansas Rider or Collateral Agreements under the HITCH Act: 1. Kansas Rider for Covered Entities: This agreement is specific to covered entities within Kansas and outlines the additional state-specific requirements for complying with HIPAA and HITCH regulations. 2. Kansas Rider for Business Associates: This agreement is designed for business associates operating within Kansas. It provides the necessary provisions and obligations for ensuring HIPAA compliance with state regulations. In summary, the Kansas Rider or Collateral Agreement to HIPAA Privacy Compliance Agreement for Business Associates HITCHCH Act is a critical document that ensures Kansas-based business associates comply with the intricacies of both federal and state laws regarding the privacy and security of PHI.
