No time to be befuddled, bewildered or bemused over which regulations are applicable to you! th_Clearwater-Compliance-Whitepaper_HIPAA-Privacy-Rule-Requirements-for-Business-Associates-FINAL1-1.png

With the passage of the Omnibus Final Rule (OFR), Business Associates (BAs) are now subject to those Privacy Rule requirements that are applicable to their Covered Entities (CEs), in addition to relevant sections of the Security Rule and the Breach Notification Rule as shown in the regulations below (redlined for changes from the OFR).