You are here

Business Associates are Under a Microscope – Are you Prepared?

November 2, 2016 @ 2:00pm

The pressure on business associates is increasing – both from the Office for Civil Rights (OCR) and covered entities.  In addition to traditional business associate agreements, business associates are increasingly being required to provide security risk assessments, penetration testing results, certifications like HITRUST, maintain cybersecurity insurance and provide indemnification for breaches.  This presentation will evaluate what is realistic in today’s environment, particularly for smaller organizations. The speakers will discuss frequently asked questions such as:

  • What can be negotiated in the business associate agreement?
  • How much cybersecurity insurance is necessary?
  • What are compliance audits such as HIPAA/NIST Gap assessments, HIPAA Risk Assessments, SOC 2 audits, and HITRUST, and which is right for my organization?

Any organization that is a business associate is encouraged to participate in this webinar to gain insight on practical and cost-effective approaches to addressing their obligations under the HIPAA privacy and security rules.

Michael Kanarellis
is a Senior Manager in Wolf’s Information Technology (IT) Assurance Services group, and has over 20 years of scoping security initiatives for organizations across all verticals with particular expertise in healthcare and managing those efforts. Mike has been involved in managing projects such as;  IT risk management & assessments, wireless network security, web applications, firewalls, general information security & controls, IT governance, business continuity planning, vulnerability/penetration testing, and  various application security reviews.  In addition to the technical audits noted above, Mike has performed work in various compliance areas including Health Insurance Portability and Accountability Act (HIPAA), The HITECH ACT, Meaningful Use risk assessments, ISO 27001, PCI, and other state privacy laws.

Susan Huntington assists health care providers with the spectrum of business and regulatory needs, including HIPAA privacy and security requirements. She has focused her entire legal career in health law and has extensive clinical, business management, insurance, risk management and legal experience. Susan has provided legal support from just about every side of a transaction – serving as in-house counsel at national health insurer, general counsel for a large primary care physician group, deputy general counsel for an integrated multi-hospital system and manager of clinical risk consulting services for a professional liability insurance carrier.

Eric Fader has represented healthcare providers in connection with business planning and corporate governance issues, transactional and organizational matters, and federal and state regulatory requirements for more than 30 years. Those providers have included licensed entities such as imaging centers, ambulatory surgery centers, pharmacies, home health agencies and nursing homes. Eric advises clients in connection with Medicare and Medicaid reimbursement, fraud and abuse, federal and state self-referral issues, HIPAA and HITECH Act matters (including privacy and data breaches), Patient Protection and Affordable Care Act compliance, hospital privilege and medical staff issues, payor audits, and licensure and certificate of need applications and amendments. 

Who should attend?
•             Clinical subcontractors
•             SaaS or other software providers
•             Medical device or equipment manufacturers or distributors
•             Billing companies
•             Attorneys having access to PHI
•             Other service provider to health care organizations or health plans
•             Healthcare compliance professionals

About Wolf & Company's Webinar Program
Clients receive complimentary access to our webinar service designed to give you insight into the issues impacting your industry. If you are not a client, but are interested in this topic,please contact Ashley Widger, Wolf & Company's Marketing Supervisor, at 617-261-8148 or