Educause Security Discussion mailing list archives
Re: HIPAA Business Associate/Identity Theft Prevention Agreement
From: Steven Bourdon <sbourdon () SOUTHTEXASCOLLEGE EDU>
Date: Tue, 23 Feb 2010 11:03:54 -0600
Thanks to all respondents for your helpful feedback. I found the HIPAA compliance site at SUNY- Univ. of Buffalo http://www.hpitp.buffalo.edu/hipaa/ and their position statement very helpful in determining that our student clinical activities do not make us a "business associate" under HIPAA. Cheers, Steve Steven M. Bourdon Chief Information Security Officer South Texas College, McAllen, TX Phone: (956) 872-2335 Fax: (956) 872-556 From: Chris Kidd [mailto:chris.kidd () UTAH EDU] Sent: Monday, February 22, 2010 3:31 PM Subject: Re: HIPAA Business Associate/Identity Theft Prevention Agreement We ask institutions sending students on clinical rotations to sign a clinical training agreement w/ business associate language. It's been a routine practice since 2003. Chris Chris Kidd Chief Information Security and Privacy Officer University of Utah 650 Komas Drive, Suite 102 Salt Lake City, UT 84108 Office: 801.587.9241 Cell: 801.747.9028 chris.kidd () utah edu http://www.secureit.utah.edu From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steven Bourdon Sent: Monday, February 22, 2010 1:44 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] HIPAA Business Associate/Identity Theft Prevention Agreement Hello All, I just received an agreement from a local hospital requesting we sign as a "business associate" under HIPAA and "service provider" for FTC Red Flag Rules. Other than a nursing program with student clinical rotations performed at local hospitals we don't deal with protected health information on campus. This is a new area for me so I'm curious if others have signed similar agreements for their health programs with local health providers for student clinical activities. Thanks, Steven M. Bourdon, CISO South Texas College
Current thread:
- HIPAA Business Associate/Identity Theft Prevention Agreement Steven Bourdon (Feb 22)
- <Possible follow-ups>
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Ken Connelly (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Valdis Kletnieks (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Don M. Blumenthal (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Lorenz, Eva (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Chris Kidd (Feb 22)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Steven Bourdon (Feb 23)
- Re: HIPAA Business Associate/Identity Theft Prevention Agreement Jansen, Morgan R. (Feb 23)