Business Associates (BAs) will soon be directly responsible to the government for complying with specific HIPAA privacy and security requirements. The Health Information Technology for Economic and Clinical Health (HITECH) Act—part of the American Recovery and Reinvestment Act signed into law by President Barack Obama–requires HIPAA-covered entities (CEs) and their business associates (BAs) to comply with these enhanced requirements. New penalties for violating HIPAA and HITECH Act privacy and security regulations are enormous. CEs and BAs face up to $1.5 million in fines for multiple violations of a single requirement in a calendar year, and untold damage to their reputations. Don"t become a violation statistic The HIPAA and HITECH Toolkit is a valuable resource that helps both CEs and BAs understand and meet the HITECH Act’s expanded HIPAA Privacy and Security rules and ensure compliance. It walks you through the HIPAA changes and their impact on your organization. It was developed and written by Kate Borten, CISSP, CISM, a long-time recognized expert on the convergence of healthcare, privacy and security, and regulation. The HITECH Act requires CEs to update all their BA agreements to comply with these expanded responsibilities. And every BA should be proactive in understanding and meeting these new responsibilities. The HIPAA and HITECH Toolkit CD-ROM is loaded with everything you need, including: Sample agreement/contracts for CEs and for BAsSpreadsheet for tracking BAs or subcontractorsSuggested questions for CEs and BAsBreach notification requirements Flow chart and checklist Checklist for mandatory breach notificationSample encryption policy Inventory forms for safe handling of portable devices and media Sample working offsite policy, user agreement, and checklistSample disposal policySlide show for workforce privacy and security training Download, customize, and put these documents to work for you right away. The accompanying booklet explains:HIPAA and HITECH Act enforcement and penaltiesThe direct impact on BAs and personal health record (PHR) vendorsHow to identify a personal health information breach and the requirements and various methods of notification Who needs The HIPAA and HITECH Toolkit? All business associates, including but not limited to coding and transcription services, third party billers, collection agencies, certain software vendors, certain attorneys and auditors, and disposal servicesAll PHR vendors and their service providersAll CEs including hospitals, healthcare systems, clinics, physician offices, and medical practicesPrivacy and information security officers, compliance officers, and risk management officers, administrators, and executives Make this CD-ROM part of your larger training program This CD-ROM may also be purchased as part of a package with 25 training handbooks written to help BAs understand their responsibilities under the new HIPAA law.