Covered entities should periodically audit their business associates – why, what, and how? (Podcast)

Participants: Moderator

  • Gerry Blass, President & CEO, ComplyAssistant


  • Mac McMIllan, CEO & Founder, CynergisTEK, Inc.
  • Francois Bodhuin, IS Technology Director & Information Security Officer, Inspira Health Network
  • Lou Dignam, Director of Information Security and Server Platforms, Virtua Health

Description: Covered Entities (CEs) are required to protect personal health information (PHI) that they create, maintain and transmit. We have all read about skyrocketing penalties and lawsuits for breaches due to willful neglect, a result of the HITECH Act of 2009 and the Omnibus final rule published in early 2013. CEs must implement administrative, physical and technical safeguards and continually re-evaluate risk as part of their change management program. How about third party vendors / business associates (BAs)? In this webinar, we explore what CEs should be doing and how to manage BAs. Join us while we share our first-hand experiences of managing BAs.