Course Details

HIPAA Compliance 2.0 For Business Associates Under The New Rule

Webinar: ID# 1013548
Recorded CD
About This Course:
This webinar will provide healthcare counsel with guidance on the final HIPAA rule and its impact on business associate agreements (BAAs), as well as changes to privacy, security and breach notification requirements for covered entities. The panel will outline strategies to ensure compliance with the increased obligations.

Course Description

The HIPAA Omnibus Rule modified its privacy, security and enforcement rules and its breach notification rule. BAAs are impacted by the new HIPAA requirements, and counsel must review these relationships to make sure that BAAs are in place where needed.

BAAs must address issues, including data de-identification, data aggregation, dealing with security breaches, training, and indemnification to ensure HIPAA compliance. With stiff fines and potential recourse for data breaches and violations, noncompliance penalties can easily run into the millions, and trigger state AG lawsuits and class action suits.

Business associates and subcontractors are now wrestling with the obligations with the new HIPAA requirements. Counsel should understand that covered entities can be held vicariously liable for compliance failures by business associates. Therefore, counsel to covered entities and business associates must prepare to navigate the complex challenges of HIPAA's requirements.

Listen as our authoritative panel examines business associate compliance from the BA agreements to privacy and security requirements. The panel will address advanced issues, including data de-identification, dealing with security breaches, and contracting, that are facing business associates and their counsel and offer best practices for HIPAA compliance.


  • Business associate agreements
  • Modifying and updating existing agreements
  • Negotiating and drafting new agreements—indemnity, audit rights, transmission of PHI overseas and other contract challenges
  • Dealing with subcontractors
  • Privacy and security challenges
  • Data aggregation
  • Data de-identification and limited data sets
  • Breaches and breach notification
  • Best practices for compliance


The panel will review these and other key questions:

  • What are the implications of the Omnibus Rule for business associate and covered entities with BAAs?
  • What issues must business associates and covered entities consider before entering into BAAs?
  • What steps should business associates and covered entities take to ensure compliance with the privacy and security requirements under HIPAA?

Following the speaker presentations, you'll have an opportunity to get answers to your specific questions during the interactive Q&A.


Gina M. Kastel, Partner
Faegre Baker Daniels, Minneapolis
Ms. Kastel has a broad range of health law experience, including advising healthcare providers, medical device manufacturers and software companies regarding health information privacy issues, including compliance with HIPAA's privacy and security regulations and state health records laws.

Nathan A. Kottkamp, Partner
McGuireWoods, Richmond, Va.
Mr. Kottkamp concentrates in healthcare law, including Medicare, Medicaid, managed care, third-party reimbursement, federal and state regulatory compliance, fraud and abuse, self-referral prohibitions, privacy and confidentiality requirements, patient rights and clinical ethics, medical staff privileges, healthcare contracts, certificate of public need proposals, reproductive medicine and HIPAA.

CPE Credits Available!

This program has been approved for 1.5 CPE hours through Strafford Publications. CPE Credit is available only for the LIVE webcast. Recorded versions do not qualify for credit.

Strafford is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit.

To obtain CPE credit, attendees must participate in the live event, return an Official Record of Attendance to Strafford affirming their participation (including the CPE code announced during the program), and pay a processing fee of $35 per person. Strafford then will mail a certificate of credit within approximately two weeks of receiving your completed Official Record of Attendance.

HIPAA Compliance 2.0 For Business Associates Under The New Rule
or via CD
Course Details
Share This:
About Us Contact Us Privacy Add To eMail List My Account 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-1219 |
Copyright 2018 | Web Site Development by OTAU