Michael J. Sacopulos and Jeffrey Segal, MD, JD
Liability for confidentiality of protected health information extends beyond the walls of a medical practice. Studies show a significant number of breaches occur via the actions or inactions of third-party entities/business associates. These business associates are trusted with patient information to assist a medical practice and can include collection agencies, third-party billing firms, transcription services, etc. Medical practices can be legally liable for the breaches of their business associates. This article provides an overview as to proper methods of retaining and monitoring business associates in an effort to minimize exposure from these firms.