Overview
Medical Economics magazine quoted Michael Vatis in an April 10 article titled “How to Protect Your Practice When Data Breach Hits a Partner.” The article discusses data breach prevention and response strategies in the healthcare sector and explores how small medical practices should react when one of their technology partners or other third-party collaborators is hacked. According to the article, as part of the early breach response the practice should gather any business associate agreements covering the vendor(s) involved in the exposure.
Mr. Vatis says, “[The US Department of Health and Human Services] has been very aggressive in going after covered entities that don’t have business associate agreements in place and up to date.” Mr. Vatis adds that confirming the language and date of the agreement won’t mitigate the harm to victims of a breach, but it is the kind of documentation that may be important to have handy as the investigation moves forward and the scope of the damage becomes clear.
The full article can be read at Medical Economics.