HIPAA Compliance for Business Associates

Overcoming Complex Challenges With Data De-Identification, Security Breaches, Indemnification and More

Recording of a 90-minute CLE webinar with Q&A

Conducted on Wednesday, July 12, 2017
Recorded event now available

This CLE webinar will provide healthcare counsel with guidance on the HIPAA rule and its impact on business associate agreements (BAAs), as well as changes to privacy, security and breach notification requirements for covered entities. The panel will outline strategies to ensure compliance with the increased obligations.


Business associates are directly accountable for complying with many of HIPAA’s regulations and BAAs are impacted by the HIPAA requirements. Business associate relationships should be reviewed to make sure that BAAs are in place where needed.

BAAs must address issues, including data de-identification, data aggregation, dealing with security breaches, training, and indemnification to ensure HIPAA compliance. Risks for noncompliance include fines for data breaches and violations (that can easily run into the millions), state AG lawsuits, and class actions suits.

Business associates and subcontractors wrestle with compliance and face potential liability for failing to comply with HIPAA requirements. Further, covered entities may be vicariously liable for business associates’ compliance failures. Therefore, it is imperative that business associates overcome the complex challenges of HIPAA’s requirements to ensure compliance.

Listen as our authoritative panel examines business associate compliance from the BAAs to privacy and security requirements. The panel will address advanced issues—including data de-identification, dealing with security breaches and contracting—facing business associates and their counsel and offer best practices for HIPAA compliance.


  1. Business associate agreements
    1. Ensuring HIPAA compliance in existing agreements
    2. Negotiating and drafting new agreements—indemnity, audit rights, transmission of PHI overseas and other contract challenges
    3. Dealing with subcontractors
  2. Privacy and security challenges
    1. Data aggregation
    2. Data de-identification and limited data sets
    3. Breaches and breach notification
  3. Best practices for compliance
    1. OCR recent guidance on cloud services providers as business associates
    2. Lessons from recent HIPAA enforcement


The panel will review these and other key issues:

  • What risks do business associates face when using electronic means to communicate with healthcare providers?
  • What issues must business associates and covered entities consider before entering into BAAs?
  • What steps should business associates and covered entities take to ensure compliance with the privacy and security requirements under HIPAA?


Nathan A. Kottkamp
McGuireWoods, Richmond, Va.

Mr. Kottkamp concentrates in healthcare law, including Medicare, Medicaid, managed care, third-party reimbursement, federal and state regulatory compliance, fraud and abuse, self-referral prohibitions, privacy and confidentiality requirements, patient rights and clinical ethics, medical staff privileges, healthcare contracts, certificate of public need proposals, reproductive medicine and HIPAA.

Isaac M. Willett, Partner
Faegre Baker Daniels, Indianapolis

Mr. Willett counsels clients on developing regulatory strategies, including compliance with health care facility licensing laws, health care privacy laws, Medicare and Medicaid, the Stark Act and the Anti-Kickback Statute. He also represents clients in the structuring, negotiation and documentation of mergers, acquisitions, joint ventures and other business transactions. He advises clients on structural matters involving entity selection, reorganizations, acquisitions and dissolutions as well as assisting clients with business planning and the negotiation and drafting of various contracts, including employment agreements, independent contractor agreements and non-competition agreements.


CLE On-Demand - Streaming Video

Includes recorded streaming video of full program plus PDF handouts.

On-demand is the only recorded format recognized for CLE credits in DE, IN, KS, LA, MS, NC, OH, OK, SC, TN, VA, WI.

AK, AZ, CA, CO, CT, DE, FL, GA, HI, IA, ID, IL, IN*, KS, KY, LA, ME, MN, MO, MT, NC, ND, NH**, NJ, NM, NV, NY, OH*, OK, OR, PA, SC, TN, TX, UT, VA, VT, WA, WI, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

*Only available for attorneys admitted for more than two years. For OH CLE credits, only programs recorded within the current calendar year are eligible - contact the CLE department for verification.

**NH attendees must self-determine if a program is eligible for credit and self-report their attendance.

CLE On-Demand Video $297.00

How does this work?

Recorded Event

Includes full event recording plus handouts.

Strafford is an approved provider and self-study CLE credit is available in most states.

AK, AZ, CA, CO, CT, FL, GA, HI, IA, ID, IL, KY, ME, MN, MO, MT, ND, NJ, NM, NY, OR, PA, TN, TX, UT, VT, WA, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

Strafford will process CLE credit for one person on each recording.

Additional copies of a recording can be purchased at a discount. Please call Strafford Customer Service toll-free at 1-800-926-7926 ext 10 or email customerservice@straffordpub.com to place your order.

Recorded Webinar Download $297.00

How does this work?

Recorded Audio Download (MP3) $297.00

How does this work?


Strafford webinars offer several options for participation: online viewing of speaker-controlled PowerPoint presentations with audio via computer speakers or via phone; or audio only via telephone (download speaker handouts prior to the program).  Please note that our webinars do not feature videos of the presenters.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

or call 1-800-926-7926

CLE Credits

Many states grant CLE credits for on-demand streaming audio programs and recorded events. Our programs are pre-approved in many states. Refer to our state CLE map for state-specific information.

or call 1-800-926-7926

Customer Reviews

I enjoyed the programs content and the speaker's perspectives.

Brenda Laigaie

Wade Goldstein Landau & Abruzzo

The program was very relevant and timely to our business.

Nancy Poland

National Marrow Donor Program

The teleconference was efficient with a well-focused agenda. The speakers really seem to know the material and communicated it clearly.

Owen Hughes


I thought Strafford’s program was very clear and straightforward.

Meg Mazzone

Sarah Cannon Research Institute

The seminar provided good practical examples and advice plus good Q&A.

Don Weinbren

Trenam Kemker

or call 1-800-926-7926

Health Law Advisory Board

Lowell C. Brown


Arent Fox

Jennifer L. Evans



Ryan S. Johnson


Fredrikson & Byron

Gina M. Kastel


Faegre Baker Daniels

Karen S. Lovitch


Mintz, Levin, Cohn, Ferris, Glovsky and Popeo

David A. Manko


Proskauer Rose

John J. Miles

Senior Counsel

Baker Donelson

C. Elizabeth O'Keeffe


Wyatt, Tarrant & Combs

J. Peter Rich


McDermott Will & Emery

Donald H. Romano

Of Counsel

Foley & Lardner

Judith A. Waltz


Foley & Lardner

John R. Washlick


Buchanan Ingersoll & Rooney

Jesse A. Witten


Drinker Biddle & Reath

or call 1-800-926-7926

Our Guarantee

Strafford webinars are backed by our 100% Unconditional Money-Back Guarantee: if you are not satisfied with any of our products, simply let us know and get a full refund. For more information regarding complaints and refunds, please contact us at 1-800-926-7926 ext 10. Complaints regarding this program can be submitted via the course evaluation found in the “Thank you” e-mail at the end of the course.