Overview:

This session will cover the intricate relationship between the patient, the covered entity and business associates. This will include processes to identify the business associate, the process to qualify a business associate, key ways to exchange information and why you should encourage the business associates to sign your business associate agreement. This session will include SOC 1 and SSAE 16 documents as well as providing the key questions that you should ask every business associate.

Why should you attend: Covered entities have been entrusted to protect patient health information, but what happens when they share that information with a third party?  What steps can the organization take to minimize the risks to the patient and the organization?  There are many examples of organizations having to advise HHS, the Media, and the patient about a breach caused by their business associates. This session will review an approach for conducting due diligence to mitigate the risk imposed on organizations by sharing this data.

Areas Covered in the Session:

• Identifying your business associates
• What steps, questions, etc. should be taken before giving access to a business associate?
• How will the exchange of information occur?
• What if the Business Associate wants you to sign their agreement?
• Documenting your agreements and due diligence

Who Will Benefit:

• Information Security Officers
• Risk Managers
• Compliance Officers
• Privacy Officer
• Health Information Managers
• Information Technology Managers
• Medical Office Managers
• Chief Financial Officers
• Systems Managers
• Legal Counsel
• Operations Directors

Educational Objectives(S)
Upon completion of this activity, participants will be able to:

• Discuss the processes to identify the business associate, the process to qualify a business associate, key ways to exchange information and why you should encourage the business associates to sign your business associate agreement.

CME Credit Statement
This activity has been planned and implemented in accordance with the Essential Areas and Policies of the Accreditation Council for Continuing Medical Education (ACCME) through the joint sponsorship of CFMC and MentorHealth. CFMC is accredited by the ACCME to provide continuing medical education for physicians.

CFMC designates this educational activity for a maximum of 1 AMA PRA Category 1 Credit™. Physicians should only claim credit commensurate with the extent of their participation in the activity.

Other Healthcare Professionals Credit Statement
This educational activity has been planned and implemented following the administrative and educational design criteria required for certification of health care professions continuing education credits. Registrants attending this activity may submit their certificate along with a copy of the course content to their professional organizations or state licensing agencies for recognition for 1 hour.

Disclosure Statement
It is the policy of CFMC and MentorHealth that the faculty discloses real or apparent conflicts of interest relating to the topics of the educational activity. All members of the faculty and planning team have nothing to disclose nor do they have any vested interests or affiliations


Obtaining Certificate of Credit

Colorado Foundation for Medical Care (CFMC) hosts an online activity evaluation system, certificate and outcomes measurement process. Following the activity, you must link to CFMC's online site (link below) to complete the evaluation form in order to receive your certificate of credit. Once the evaluation form is complete and submitted, you will be automatically sent a copy of your certificate via email. Please note, participants must attend the entire activity to receive all types of credit. Continuing Education evaluation and request for certificates will be accepted up to 60 days post activity date. CFMC will keep a record of attendance on file for 6 years.