17 May 2012
May 14, 2012
Third-party business partners represent a significant security risk to health care providers, who may need several layers of protection to ensure the security of patient data.
The HIPAA Privacy Rule refers to third parties as “business associates” and defines them as individuals or organizations that handle protected health information, or PHI, in the course of working with a covered entity. The category may cover a range of companies, including data processing firms, IT consultants and cloud computing providers.