Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Can protected health information be sent to a third-party service provider?

health information protected Provider sent service third-party
0
Posted

Can protected health information be sent to a third-party service provider?

0 CommentsAdd a Comment

1 Answer

0

Before protected health information can be provided to a third-party service provider, HIPAA requires that a Business Associate Contract be signed stating that the third-party will implement reasonable safeguards to protect the confidentiality and integrity of protected health information. The Office of General Counsel should be engaged to assist in the development of such a contract. The Information Security Office should also be engaged to ensure there are no additional security requirements beyond that of HIPAA. Send email to iso@andrew.cmu.edu if you would like someone within the Information Security Office to review a third-party service contract prior to signing.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123