Business Law

Ask a business lLawyer. Get business law questions answered ASAP.

Ask a Lawyer,
Get an Answer ASAP!

HIPAA compliance for software developer

Customer Question
We are a software development...
We are a software development company that provides administrative software to educational institutions. We do not access students’ PHI however, when debugging a system, or providing service to our clients, we have the ability to access that information. After extensively studying the HHS website regarding HIPAA compliance we have concluded that we are a Business Associate. The purpose of this letter is to get confirmation from your office that we are a Business Associate and get the following questions answered. 1. Are we considered a Business Associate? 2. What do we need to do to be considered HIPAA compliant? 3. Is a Business Associate Agreement with our clients the covered entity the only requirement? 4. Do we also need to train our staff and write up policies for Privacy and Security?
Submitted: 6 years ago.Category: Business Law
Show More
Show Less
Ask Your Own Business Law Question
Answered in 2 days by:
9/4/2011
Business Lawyer: Richard - Bizlaw, Attorney replied 6 years ago
Richard - Bizlaw
Category: Business Law
Satisfied Customers: 10,841
Experience: 30 years of corporate, litigation and international law
Verified

bizlaw :

From what you say, your normal activities on behalf of the institutions would not require you to use or need access to students' PHI. What I gather arises is that in connection with debugging a system or providing certain services, you may have access to, but no need to use, students PHI. Whether you are a business associate under this circumstance is problematic but it is better to err on the side of caution. However, I do not believe you need to have a Business Associate Agreement with your clients.. What you do need to do is to train your staff and to establish clear corporate policy that if in the course of their duties, they have access to or in any way use PHI, they cannot disclose what they see to any person other than as necessary to disclose to a company associate in connection providing the service or making the repair and that associate is equally bound to maintain the confidentiality of that information. The policy and the basic procedures should be written. If this is done you will have met your HIPPA obligation and can assure your clients that you will maintain the privacy of the PHI on those rare occassions when you have access to or actually use such information in performing your services for the client.

If this answer is responsive to your question, please accept it. That is how we are compensated. It would also be appreciated if you provided feed back on your view of the answer. Finally, if the answer was especially helpful you can provide a bonus. If I can be of further assistance or you have other questions in the future you can ask for me and reach me at this site.

This communication is not intended as legal advice. A local attorney should always be consulted for legal advice. No client/attorney relationship is intended or created by this communication.

Ask Your Own Business Law Question
Was this answer helpful?

How JustAnswer works

step-image
Describe your issueThe assistant will guide you
step-image
Chat 1:1 with a business lawyerLicensed Experts are available 24/7
step-image
100% satisfaction guaranteeGet all the answers you need
Ask Richard - Bizlaw Your Own Question
Richard - Bizlaw
Richard - Bizlaw
Richard - Bizlaw, Attorney
Category: Business Law
Satisfied Customers: 10,841
10,841 Satisfied Customers
Experience: 30 years of corporate, litigation and international law

Richard - Bizlaw is online now

A new question is answered every 9 seconds

How JustAnswer works:

  • Ask an ExpertExperts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional AnswerVia email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction GuaranteeRate the answer you receive.

JustAnswer in the News:

Ask-a-doc Web sites: If you've got a quick question, you can try to get an answer from sites that say they have various specialists on hand to give quick answers... Justanswer.com.
JustAnswer.com...has seen a spike since October in legal questions from readers about layoffs, unemployment and severance.
Web sites like justanswer.com/legal
...leave nothing to chance.
Traffic on JustAnswer rose 14 percent...and had nearly 400,000 page views in 30 days...inquiries related to stress, high blood pressure, drinking and heart pain jumped 33 percent.
Tory Johnson, GMA Workplace Contributor, discusses work-from-home jobs, such as JustAnswer in which verified Experts answer people’s questions.
I will tell you that...the things you have to go through to be an Expert are quite rigorous.

What Customers are Saying:

Mr. Kaplun clearly had an exceptional understanding of the issue and was able to explain it concisely. I would recommend JustAnswer to anyone. Great service that lives up to its promises!

Gary B.Edmond, OK

My Expert was fast and seemed to have the answer to my taser question at the tips of her fingers. Communication was excellent. I left feeling confident in her answer.

EricRedwood City, CA

I am very pleased with JustAnswer as a place to go for divorce or criminal law knowledge and insight.

MichaelWichita, KS

PaulMJD helped me with questions I had regarding an urgent legal matter. His answers were excellent.

Three H.Houston, TX

Anne was extremely helpful. Her information put me in the right direction for action that kept me legal, possible saving me a ton of money in the future. Thank you again, Anne!!

ElaineAtlanta, GA

It worked great. I had the facts and I presented them to my ex-landlord and she folded and returned my deposit. The 50 bucks I spent with you solved my problem.

TonyApopka, FL

Wonderful service, prompt, efficient, and accurate. Couldn't have asked for more. I cannot thank you enough for your help.

Mary C.Freshfield, Liverpool, UK

< Previous | Next >

Meet the Experts:

Infolawyer

Infolawyer

Attorney

2,032 satisfied customers

Experienced lawyer

Dimitry K., Esq.

Dimitry K., Esq.

Attorney

1,611 satisfied customers

Run my own successful business/contract law practice.

MShore Law

MShore Law

Attorney

1,233 satisfied customers

Drafted Negotiated and/or Reviewed Thousands of Commercial Agreements

RGMacEsq

RGMacEsq

Attorney

778 satisfied customers

Licensed Texas General Practice Attorney

Barrister

Barrister

Attorney

683 satisfied customers

17 years practicing attorney, JD, BA, MBA

Ely

Ely

Attorney

604 satisfied customers

Counselor at Law.

J.Hazelbaker

J.Hazelbaker

Attorney

393 satisfied customers

Experienced and trained in the area of business law.

< Previous | Next >

Related Business Law Questions
I am starting a fintech venture and I would like to know
I am starting a fintech venture and I would like to know what the steps are that I need to take in order to be compliant with existing regulations. The goal is to offer structured financial notes to a… read more
PaulmoJD
PaulmoJD
Attorney At Law
Doctoral Degree
106 satisfied customers
I run a company that provides a purchasing platform within
I run a company that provides a purchasing platform within the medical (orthotic & prosthetic) field. When placing orders, customers have the option to enter a patient name. This brings up a couple of… read more
DamienJD
DamienJD
Attorney
Doctoral Degree
5,386 satisfied customers
I own a marketing firm and one of our clients has asked for
I own a marketing firm and one of our clients has asked for consumer leads in the health area. If my company creates a web form that collects email, first name, last name, phone number, and a brief de… read more
LawGuy
LawGuy
Juris Doctor
123 satisfied customers
As a consultant for a non healthcare company, where can I
As a consultant for a non healthcare company, where can I learn more about the HIPAA regulations (if any) for what I need to follow? More specifically, I'm a nurse that does not prescribe or diagnose.… read more
Gerald, Esq
Gerald, Esq
Juris Doctor
4,029 satisfied customers
I work non profit, some of our funding is dispensed
i work for a non profit, some of our funding is dispensed by/through the DHHR. We are required to give them full and intrusive access to our clients information, and entering them into a data base, of… read more
Asad Rahman
Asad Rahman
Attorney
J.D.
2,555 satisfied customers
Does a website need to follow PAA to sell contact lenses?
Does a website need to follow HIPAA to sell contact lenses? What are the limits? I would like to create a website for an eye doctor's practice and they would like to sell their contact lenses online, … read more
Thelawman2
Thelawman2
Doctoral Degree
1,744 satisfied customers
I wish to start a software development consultancy LLC in Delaware.
I wish to start a software development consultancy LLC in Delaware. I currently reside in Illinois and would work from my home. Everything I buy and sell would be online. I would be primarily doing on… read more
LawGuy
LawGuy
Juris Doctor
123 satisfied customers
A local bank has acquired a chiropractic business with all
A local bank has acquired a chiropractic business with all assets and accounts receivables. They want me to take over the lease of the building and sell me all the assets including the accounts reciev… read more
Law Pro
Law Pro
Doctoral Degree
19,000 satisfied customers
We are a small start-up about to create a medical software
We are a small start-up about to create a medical software and we want to know what actions if any are required from us from the HIPAA law. Basically here is what our software will do 1) Patient walks… read more
Richard - Bizlaw
Richard - Bizlaw
Attorney
Juris Doctor
10,841 satisfied customers
Answers from Two Experts requested: My company offers a cloud-based system to track tasks,
My company offers a cloud-based system to track tasks, customer service tickets, etc. We have a in-home healthcare-related company that is interested in using our system. They want us to sign a HIPAA … read more
Roger
Roger
Litigation Attorney
Doctoral Degree
26,939 satisfied customers
We are a non-profit social services agency with several divisions
We are a non-profit social services agency with several divisions of programs. One division is Behavioral Health, with programs that deal with HIPAA confidential information. We are trying to improve … read more
PaulmoJD
PaulmoJD
Attorney At Law
Doctoral Degree
106 satisfied customers
I need help with forming a scalable entity-system. I am heavy
I need help with forming a scalable entity-system. I am heavy in research and community development. I want to be able to partner with larger organizations such as the Dell Foundation and be hired as … read more
Dimitry K., Esq.
Dimitry K., Esq.
Attorney
Doctoral Degree
1,611 satisfied customers
My wife and I just started an LLC . She is a certified phlebotomist
My wife and I just started an LLC . She is a certified phlebotomist and a certified Medical Assistant . I am an engineer with no medical background . She deals with medical businesses that provide med… read more
BizIPEsq.
BizIPEsq.
Employment Technology & Business Lawyer
Doctoral Degree
375 satisfied customers
We are a psychotherapy practice in nj in need of more space.
We are a psychotherapy practice in nj in need of more space. we are about to sign a lease for additional office space however the offices are in a suite that may be shared with other tenants. Are ther… read more
LawGuy
LawGuy
Juris Doctor
123 satisfied customers
Background: I have a company in Wyoming (LLC). The company
Background: I have a company in Wyoming (LLC). The company provides online background check information to other companies who are hiring (business to business service). Once we provide the company wi… read more
Richard - Bizlaw
Richard - Bizlaw
Attorney
Juris Doctor
10,841 satisfied customers
I run a small company that develops medical imaging related
I run a small company that develops medical imaging related software. At the request of a hospital a new software product was written for them, by me, and we are now negotiating the End User License A… read more
clflaw
clflaw
President/Managing Partner
Juris Doctor
132 satisfied customers
Two HIPAA compliant organizations has a business relationship
Two HIPAA compliant organizations has a business relationship encompassing data exchange and querying of said data. A Hospital and a Patient Billing/Denial database company. The Pt Billing/Denial data… read more
socrateaser
socrateaser
1,031 satisfied customers
ALONG THE SAME LINES AS THE LAST QUESTION. HOW ILL EMPLOYEES
ALONG THE SAME LINES AS THE LAST QUESTION. HOW ILL EMPLOYEES IN THE MEDICAL OFFICE HAVE TO BE TRAINED REGARDING PRIVACY? WHO WOULD DO THE TRAINING?… read more
Richard - Bizlaw
Richard - Bizlaw
Attorney
Juris Doctor
10,841 satisfied customers

DISCLAIMER: Answers from Experts on JustAnswer are not substitutes for the advice of an attorney. JustAnswer is a public forum and questions and responses are not private or confidential or protected by the attorney-client privilege. The Expert above is not your attorney, and the response above is not legal advice. You should not read this response to propose specific action or address specific circumstances, but only to give you a sense of general principles of law that might affect the situation you describe. Application of these general principles to particular circumstances must be done by a lawyer who has spoken with you in confidence, learned all relevant information, and explored various options. Before acting on these general principles, you should hire a lawyer licensed to practice law in the jurisdiction to which your question pertains.

The responses above are from individual Experts, not JustAnswer. The site and services are provided “as is”. To view the verified credential of an Expert, click on the “Verified” symbol in the Expert’s profile. This site is not for emergency questions which should be directed immediately by telephone or in-person to qualified professionals. Please carefully read the Terms of Service (last updated February 8, 2012).

DISCLAIMER: Answers from Experts on JustAnswer are not substitutes for the advice of an attorney. JustAnswer is a public forum and questions and responses are not private or confidential or protected by the attorney-client privilege. The Expert above is not your attorney, and the response above is not legal advice. You should not read this response to propose specific action or address specific circumstances, but only to give you a sense of general principles of law that might affect the situation you describe. Application of these general principles to particular circumstances must be done by a lawyer who has spoken with you in confidence, learned all relevant information, and explored various options. Before acting on these general principles, you should hire a lawyer licensed to practice law in the jurisdiction to which your question pertains.

The responses above are from individual Experts, not JustAnswer. The site and services are provided “as is”. To view the verified credential of an Expert, click on the “Verified” symbol in the Expert’s profile. This site is not for emergency questions which should be directed immediately by telephone or in-person to qualified professionals. Please carefully read the Terms of Service (last updated February 8, 2012).

Show MoreShow Less

Ask Your Question

x