How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask socrateaser Your Own Question

socrateaser
socrateaser, Attorney
Category: Business Law
Satisfied Customers: 34854
Experience:  Retired (mostly)
10097515
Type Your Business Law Question Here...
socrateaser is online now
A new question is answered every 9 seconds

Two HIPAA compliant organizations has a business relationship

Resolved Question:

Two HIPAA compliant organizations has a business relationship encompassing data exchange and querying of said data. A Hospital and a Patient Billing/Denial database company. The Pt Billing/Denial data compnay imports teh hospitals pt financial data to its databases which is accessed by the hospital to create reports and perform querys. When the hospital has an employee that they require to have access to the data, the Pt Billing/Denial database company requires a signed access request form from the hospital enduser. Does not HIPAA cover "implied trust" between two HIPAA compliant organizations which would make this requirement not necessary?
Submitted: 5 years ago.
Category: Business Law
Expert:  socrateaser replied 5 years ago.

HIPAA violations are subject to severe penalties. Error on the side of caution is reasonable.

 

Employees engaged in patient care can reasonably discuss and disclose patient information so as to provide care, without a risk of violation. However, as the distance between patient care and the provider increases, the risk of disclosure to an unauthorized person increases.

 

An implied agency between contracting parties and employees that would protect all from a HIPAA violation may be sufficient to cover the exchange of information. But, without a signed access request, the billing company could be accused of not taking reasonable steps to prevent an unauthorized third party from accessing patient records.

 

Thus, the requirement is reasonable, even if not expressly required.

 

Hope this helps.

 

Terms and Conditions: By your continuing in this conversation with me, or by your clicking “Accept”, you are expressly agreeing to all of the following: (1) our communication is for entertainment purposes only; (2) you are not consulting me in my professional capacity as an attorney; (3) you do not seek to establish an attorney-client relationship with me, nor do I with you; (4) you will not rely on anything I say and you will obtain appropriate legal counsel via a traditional/office consultation with an attorney licensed to practice in the jurisdiction where your legal issue arises (and you may not use our communication to avoid taxpayer penalties imposed by the U.S. Dept. of Treasury); (5) by communicating with me in this public forum you are irrevocably waiving any right to privacy, confidentiality and attorney-client privilege concerning the matters discussed. You further separately declare that any payment made by you is not consideration for this contract, nor offered for any services rendered by me on your behalf, but rather is made in genuine admiration and respect for my desire to help others. If you do not agree with these terms and conditions, then you must advise me immediately.

Customer: replied 5 years ago.
Sorry, I didn't meant to imply that the non-hospital agency was a billing entity. The other agency imports the hospital's pt billing data and regurgitates it into queriable database that is accessed via the internet by the hospital Business Office employees for reference purposes. So, in other words, the BO emplolyees are accessing data that they already have access to just in a different format/venue (secured queriable internet provided by the non-hospital agency).
Expert:  socrateaser replied 5 years ago.
What's the goal you're trying to accomplish? That may clarify my understanding enough to provide an intelligent response. Thanks.
Customer: replied 5 years ago.

GOAL: To eliminate physical signatures on a access request form that the non-hospital agency states it needs to be HIPAA compliant.

 

> The problem is not the access request form but the physical signatures that they seem to have a need for.

> The requested signatures are redundant since we have HIPAA compliant process in place.

> This also creates undue costs attempting to acquire a physical signature and then faxing the form back (times the number of employees that require a access.)

> Doesn't HIPAA cover "implied trust" between two organizations?

 

Bob

 

Expert:  socrateaser replied 5 years ago.

No "implied trust." Just the opposite. 45 CFR Part 164, Subpart C provides specific security requirements, which although flexible, must be established and maintained.

 

An electronic signature may or may not be a sufficient safeguard. It would depend upon the degree of ease with which the electronic signature could be hacked, as compared to a physical signature.

 

 

socrateaser, Attorney
Category: Business Law
Satisfied Customers: 34854
Experience: Retired (mostly)
socrateaser and 2 other Business Law Specialists are ready to help you
Customer: replied 5 years ago.

Thank you even though that is not the answer I was looking for. :) I do appreciate your time and answers.

 

Thanks again,

Bob

 

Expert:  socrateaser replied 5 years ago.
You're welcome and good luck.

JustAnswer in the News:

 
 
 
Ask-a-doc Web sites: If you've got a quick question, you can try to get an answer from sites that say they have various specialists on hand to give quick answers... Justanswer.com.
JustAnswer.com...has seen a spike since October in legal questions from readers about layoffs, unemployment and severance.
Web sites like justanswer.com/legal
...leave nothing to chance.
Traffic on JustAnswer rose 14 percent...and had nearly 400,000 page views in 30 days...inquiries related to stress, high blood pressure, drinking and heart pain jumped 33 percent.
Tory Johnson, GMA Workplace Contributor, discusses work-from-home jobs, such as JustAnswer in which verified Experts answer people’s questions.
I will tell you that...the things you have to go through to be an Expert are quite rigorous.
 
 
 

What Customers are Saying:

 
 
 
  • Mr. Kaplun clearly had an exceptional understanding of the issue and was able to explain it concisely. I would recommend JustAnswer to anyone. Great service that lives up to its promises! Gary B. Edmond, OK
< Last | Next >
  • Mr. Kaplun clearly had an exceptional understanding of the issue and was able to explain it concisely. I would recommend JustAnswer to anyone. Great service that lives up to its promises! Gary B. Edmond, OK
  • My Expert was fast and seemed to have the answer to my taser question at the tips of her fingers. Communication was excellent. I left feeling confident in her answer. Eric Redwood City, CA
  • I am very pleased with JustAnswer as a place to go for divorce or criminal law knowledge and insight. Michael Wichita, KS
  • PaulMJD helped me with questions I had regarding an urgent legal matter. His answers were excellent. Three H. Houston, TX
  • Anne was extremely helpful. Her information put me in the right direction for action that kept me legal, possible saving me a ton of money in the future. Thank you again, Anne!! Elaine Atlanta, GA
  • It worked great. I had the facts and I presented them to my ex-landlord and she folded and returned my deposit. The 50 bucks I spent with you solved my problem. Tony Apopka, FL
  • Wonderful service, prompt, efficient, and accurate. Couldn't have asked for more. I cannot thank you enough for your help. Mary C. Freshfield, Liverpool, UK
 
 
 

Meet The Experts:

 
 
 
  • Law Pro

    Attorney

    Satisfied Customers:

    1767
    20 years experience in business law - sole proprietor, partnership, and corporations
< Last | Next >
  • http://ww2.justanswer.com/uploads/LA/lawpro/2012-6-25_171315_PT206740s.64x64.jpg Law Pro's Avatar

    Law Pro

    Attorney

    Satisfied Customers:

    1767
    20 years experience in business law - sole proprietor, partnership, and corporations
  • http://ww2.justanswer.com/uploads/dkaplun/2009-05-17_173121_headshot_1_2.jpg Dimitry K., Esq.'s Avatar

    Dimitry K., Esq.

    Attorney

    Satisfied Customers:

    1495
    Run my own successful business/contract law practice.
  • http://ww2.justanswer.com/uploads/DC/DCraneEsq/2012-8-14_14436_DCrane.64x64.jpg MShore Law's Avatar

    MShore Law

    Attorney

    Satisfied Customers:

    1233
    Drafted Negotiated and/or Reviewed Thousands of Commercial Agreements
  • http://ww2.justanswer.com/uploads/FL/FLAandNYLawyer/2012-1-27_14349_3Fotolia25855429M.64x64.jpg FiveStarLaw's Avatar

    FiveStarLaw

    Attorney

    Satisfied Customers:

    1174
    25 years of experience helping people like you.
  • http://ww2.justanswer.com/uploads/scottymacesq/2009-6-10_221523_small.jpg RGMacEsq's Avatar

    RGMacEsq

    Attorney

    Satisfied Customers:

    504
    Licensed Texas General Practice Attorney
  • http://ww2.justanswer.com/uploads/ohioatty/2009-1-22_185545_me.jpg J.Hazelbaker's Avatar

    J.Hazelbaker

    Attorney

    Satisfied Customers:

    393
    Experienced and trained in the area of business law.
  • http://ww2.justanswer.com/uploads/BA/barristerinky/2012-6-10_22423_office.64x64.jpg Barrister's Avatar

    Barrister

    Attorney

    Satisfied Customers:

    373
    14 years practicing attorney, MBA
 
 
 

Related Business Law Questions

Chat Now With A Business Lawyer
socrateaser
socrateaser
2185 Satisfied Customers
Retired (mostly)