Interested in training for your team? Click here to learn more

HIPAA Compliance for Business Associates

Overcoming Complex Challenges With Data De-Identification, Security Breaches, Indemnification and More

Recording of a 90-minute CLE webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Wednesday, July 12, 2017

Recorded event now available

or call 1-800-926-7926

This CLE course will provide healthcare counsel with guidance on the HIPAA rule and its impact on business associate agreements (BAAs), as well as changes to privacy, security and breach notification requirements for covered entities. The panel will outline strategies to ensure compliance with the increased obligations.


Business associates are directly accountable for complying with many of HIPAA’s regulations and BAAs are impacted by the HIPAA requirements. Business associate relationships should be reviewed to make sure that BAAs are in place where needed.

BAAs must address issues, including data de-identification, data aggregation, dealing with security breaches, training, and indemnification to ensure HIPAA compliance. Risks for noncompliance include fines for data breaches and violations (that can easily run into the millions), state AG lawsuits, and class actions suits.

Business associates and subcontractors wrestle with compliance and face potential liability for failing to comply with HIPAA requirements. Further, covered entities may be vicariously liable for business associates’ compliance failures. Therefore, it is imperative that business associates overcome the complex challenges of HIPAA’s requirements to ensure compliance.

Listen as our authoritative panel examines business associate compliance from the BAAs to privacy and security requirements. The panel will address advanced issues—including data de-identification, dealing with security breaches and contracting—facing business associates and their counsel and offer best practices for HIPAA compliance.



  1. Business associate agreements
    1. Ensuring HIPAA compliance in existing agreements
    2. Negotiating and drafting new agreements—indemnity, audit rights, transmission of PHI overseas and other contract challenges
    3. Dealing with subcontractors
  2. Privacy and security challenges
    1. Data aggregation
    2. Data de-identification and limited data sets
    3. Breaches and breach notification
  3. Best practices for compliance
    1. OCR recent guidance on cloud services providers as business associates
    2. Lessons from recent HIPAA enforcement


The panel will review these and other key issues:

  • What risks do business associates face when using electronic means to communicate with healthcare providers?
  • What issues must business associates and covered entities consider before entering into BAAs?
  • What steps should business associates and covered entities take to ensure compliance with the privacy and security requirements under HIPAA?


Nathan A. Kottkamp
Nathan A. Kottkamp

Senior Counsel

Mr. Kottkamp concentrates in healthcare law, including Medicare, Medicaid, managed care, third-party...  |  Read More

Isaac M. Willett
Isaac M. Willett

Faegre Baker Daniels

Mr. Willett counsels clients on developing regulatory strategies, including compliance with health care facility...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video