{"id":1647,"date":"2011-11-03T00:00:00","date_gmt":"2011-11-03T00:00:00","guid":{"rendered":"http:\/\/otava.test\/the-business-associates-role-in-hipaa-violations\/"},"modified":"2011-11-03T00:00:00","modified_gmt":"2011-11-03T00:00:00","slug":"the-business-associates-role-in-hipaa-violations","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/","title":{"rendered":"The Business Associate\u2019s Role in HIPAA Violations"},"content":{"rendered":"

Of the 345 incidents reported by HHS and listed on their site under Breaches Affecting 500 or More Individuals, 74 involved a business associate (21 percent).<\/p>\n

An increasing number of recent HIPAA violations<\/a> are caused or involve a business associate \u2013 the Stanford Hospital breach was due to improper disclosure of PHI, and the TRICARE\/SAIC incident was due to the theft of unencrypted backup tapes out of the trunk of an employee\u2019s car.<\/p>\n

\"Business
Business Associates and HIPAA Violations<\/figcaption><\/figure>\n

While most of the incidents were isolated \u2013 meaning different business associates are involved with each individual company, a few repeats were evident.\u00a0Med Assets made up for 9.5 percent of the breaches reported with a business associate involved, meaning they affected 6 different companies listed.<\/p>\n

Two separate incidents affected multiple covered entities \u2013 one set affected 4 different healthcare organizations and the other affected 3 different covered entities.<\/p>\n

This data makes apparent the level of preparedness that business associates have when it comes to HIPAA security policies, procedures and training. When employees are improperly trained, they leave the business vulnerable to data theft, loss, hacking and\/or simple security negligence within the IT environment, putting covered entities at great risk for a HIPAA violation and accompanying fines.<\/p>\n

And when one IT vendor is responsible for PHI from many different hospitals, just one incident can have a significant damaging effect on an exponential amount of patients.<\/p>\n

If you are outsourcing your data hosting, put research into finding a HIPAA hosting<\/a> provider who is audited by a CHP (Certified HIPAA Practitioner) and CHSS (Certified HIPAA Security Specialist). Note, this doesn\u2019t make your company HIPAA compliant, or any less responsible for implementing your own policies and procedures, but it does mean you have taken an active role in researching your vendors to prevent a data breach.<\/p>\n

If you need more guidance on HIPAA policies, procedures and training materials, visit our HIPAA resources<\/a> section today.<\/p>\n","protected":false},"excerpt":{"rendered":"

Of the 345 incidents reported by HHS and listed on their site under Breaches Affecting 500 or More Individuals, 74 involved a business associate (21 percent). An increasing number of recent HIPAA violations are caused or involve a business associate \u2013 the Stanford Hospital breach was due to improper disclosure of PHI, and the TRICARE\/SAIC incident was due to the theft of unencrypted backup tapes out of the trunk of an employee\u2019s car. While most of the incidents were isolated \u2013 meaning different business associates are involved with each individual company, a few repeats were evident.\u00a0Med Assets made up for 9.5 percent of the breaches reported with a business associate involved, meaning they affected 6 different companies listed. Two separate incidents affected multiple covered entities \u2013 one set affected 4 different healthcare organizations and the other affected 3 different covered entities. This data makes apparent the level of preparedness that business associates have when it comes to HIPAA security policies, procedures and training. When employees are improperly trained, they leave the business vulnerable to data theft, loss, hacking and\/or simple security negligence within the IT environment, putting covered entities at great risk for a HIPAA violation and accompanying fines. And…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1647","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nThe Business Associate\u2019s Role in HIPAA Violations | OTAVA<\/title>\n<meta name=\"description\" content=\"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Business Associate\u2019s Role in HIPAA Violations\" \/>\n<meta property=\"og:description\" content=\"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2011-11-03T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"The Business Associate\u2019s Role in HIPAA Violations\",\"datePublished\":\"2011-11-03T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\"},\"wordCount\":327,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\",\"url\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\",\"name\":\"The Business Associate\u2019s Role in HIPAA Violations | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg\",\"datePublished\":\"2011-11-03T00:00:00+00:00\",\"description\":\"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Business Associate\u2019s Role in HIPAA Violations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The Business Associate\u2019s Role in HIPAA Violations | OTAVA","description":"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/","og_locale":"en_US","og_type":"article","og_title":"The Business Associate\u2019s Role in HIPAA Violations","og_description":"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?","og_url":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/","og_site_name":"OTAVA","article_published_time":"2011-11-03T00:00:00+00:00","og_image":[{"url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg","type":"","width":"","height":""}],"author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"The Business Associate\u2019s Role in HIPAA Violations","datePublished":"2011-11-03T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/"},"wordCount":327,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"image":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/","url":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/","name":"The Business Associate\u2019s Role in HIPAA Violations | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage"},"image":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg","datePublished":"2011-11-03T00:00:00+00:00","description":"An increasing number of recent HIPAA violations are caused or involve a business associate. What can BA's do to protect themselves from being found in breach?","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#primaryimage","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/Business-Associates-HIPAA-Violations.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/the-business-associates-role-in-hipaa-violations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"The Business Associate\u2019s Role in HIPAA Violations"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1647"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1647\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1647"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}