According to Lorraine Mazurek, the Pregnancy Medical Clinic HIPAA Consultant, if your pregnancy medical clinic (PMCs) is storing client’s Private Health Information (PHI) electronically (i.e., eKyros or Way Cool) then guess what? You now must comply with HIPAA’s HITECH ACT.
This means that, according to Lorraine, you should secure a Business Associate Agreement (BAA) from such an entity.
The risk is if your patient’s PHI becomes compromised as a result of one of these electronic tracking groups becoming hacked.
If no BAA is signed by the electronic group, Lorraine says that the PMC may be at risk. Attached are three documents from Lorraine regarding this that may be helpful for you.
The bottom line is that all Pregnancy Medical Clinics who are using eKyros or WayCool (or other electronic method for storing PHI) must secure a signed BAA from the electronic provider. In addition, HIPAA wants the BAA to have specific language in it.
Click here Business Associate Agreement to download this HIPAA BAA.
Here is more information on this issue:
Questions? Contact Lorraine Mazurek at:
Office Phone: 855-704-5189 or 541-466-3300