The Essentials of Auditing and Managing Business Associates

Privacy and Security Institute


Saturday, October 7, 2017

Adam Bullian, JD QI Express

Hospital networks are growing and are becoming more reliant on vendors to delivery critical business services. As the chain of patient information grows, the risks to the hospitals also grows. Thus, hospitals need to be proactive about who they allow access to patient information, and how their Business Associates protect information.  This presentation will provide practical steps that hospitals of all size can take to validate and manage the safeguards Business Associates employ to protect patient information.

  1. Determine when it is appropriate to exercise the right to audit Business Associates or what type of Business Associate management is appropriate for your organization;
  2. Discuss tools to effectively include the right to audit or other management activities in the Business Associate Agreement;
  3. Explain when or what should trigger an audit of a Business Associate;
  4. Discuss the best practices of auditing a Business Associate; and
  5. Evaluate the next steps after an audit of a Business Associate and how the management of the Business Associate may change.  

Download our free ebook "Top Excuses for Ignoring Cybersecurity"

Screen Shot 2018-01-24 at 1.53.11 PM.png

In this ebook:

  • A look at the increasing risk that healthcare organizations face
  • Statistics that show IT and cyber need more resources and emphasis
  • Easy, actionable tips on improving your security now. 
  • Top cybersecurity trends of recent years