SBS - The best value in QMS software

HIPAA - Subcontractors and suppliers

kreid

Involved In Discussions
#1
Hello, any HIPAA experts out there?

I am wondering if it is the responsibility of the Covered Entity to 'sign-up' their subcontractors/suppliers as Business Associates?

What I mean by this is - if I am given Protected Health Information by a healthcare professional and we do not have a Business Associate Agreement in place (because the healthcare professional has not made me sign one), am I obliged to comply with HIPAA?
 
Elsmar Forum Sponsor

mihzago

Trusted Information Resource
#2
CAs are responsible to have a BAA with their BAs. BAs are also responsible for having BAAs with any subcontractors they use.

If you know you are a business associate, and you are one if you process PHI/ePHI on behalf of a CA, then you have to comply with HIPAA.
If the CA didn't ask you to sign BAA, I would ask them for one, or you create one and ask CA to execute.
 
Thread starter Similar threads Forum Replies Date
L Medical device HIPAA compliance in encryption Medical Information Technology, Medical Software and Health Informatics 1
D HIPAA, HITECH and Interoperability compliance route Medical Device and FDA Regulations and Standards News 2
S HIPAA-compliant monitoring software (advice needed) Hospitals, Clinics & other Health Care Providers 1
G Do HIPAA Rules Apply to a 3rd Party Logistics Shipper? Other US Medical Device Regulations 2
C How medical device manufacturers are implementing standards like GDPR and HIPAA Other ISO and International Standards and European Regulations 5
D HIPAA and GDPR applies? Medical therapy device ISO 13485:2016 - Medical Device Quality Management Systems 0
Ajit Basrur Need help to understand HIPAA requirements ISO 13485:2016 - Medical Device Quality Management Systems 17
GoSpeedRacer ISO 13485:2016 Clause 4.2.5 - Control of Records - HIPAA Requirements ISO 13485:2016 - Medical Device Quality Management Systems 11
P HIPAA Privacy - Login password or USB Access key? Other US Medical Device Regulations 3
E Collecting Patient Information and Patient Identifiers - HIPAA Other US Medical Device Regulations 2
R HIPAA (Health Insurance Portability and Accountability Act) applicability Other US Medical Device Regulations 3
J Software Outsourcing - 21 CFR Part 11 and HIPAA Compliant Applications Career and Occupation Discussions 1
J Do Software Subcontractors need to be ISO13485 compliant in the EU? EU Medical Device Regulations 3
C Flowing Requirement(s) down to Subcontractors Inspection, Prints (Drawings), Testing, Sampling and Related Topics 5
P Outsourced Manufacturing - Making Subcontractors comply with TL9000 TL 9000 Telecommunications Standard and QuEST 2
I List of Significant Subcontractors EU Medical Device Regulations 2
A Auditing a Medical Device Subcontractors QMS ISO 13485:2016 - Medical Device Quality Management Systems 4
T External production/subcontractors of Medical Device outside USA 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
Q ISO 14001 and Control of Subcontractors - Small engineering company ISO 14001:2015 Specific Discussions 8
A Which Subcontractors or Facilities need to be listed on a Quality System Certificate? ISO 13485:2016 - Medical Device Quality Management Systems 11
T Re-Arrangement Cost, Quality Cost, Start-Up Costs, Hourly C&B and Subcontractors Manufacturing and Related Processes 6
J Supplier Quality System Development - Control by supplier over subcontractors Supplier Quality Assurance and other Supplier Issues 17
L Identifying product to subcontractors - Our identifying papers or labels "disappear" Document Control Systems, Procedures, Forms and Templates 3
F Who pays for DVP? Subcontractors or Tier 1 Supplier? APQP and PPAP 1
A Performance rating of subcontractors QS-9000 - American Automotive Manufacturers Standard 2
A Change management - process, tooling, subcontractors etc. QS-9000 - American Automotive Manufacturers Standard 1
D What exactly is needed on the subcontractor list for evaluating subcontractors QS-9000 - American Automotive Manufacturers Standard 4
D Receiving Inspection by Subcontractors? Heat Treat Inspection, Prints (Drawings), Testing, Sampling and Related Topics 1
Marc Registrar Interpretations: ISO9000 requirements for Subcontractors and Distributors ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
lanley liao Does all of the suppliers need to integrated into the supplier list qualified of the company? Oil and Gas Industry Standards and Regulations 2
M PSA Suppliers - CSR matrix and need the quality manual of PSA APQP and PPAP 2
O How to give a score/yield more correctly to my suppliers Supplier Quality Assurance and other Supplier Issues 12
P Managing How PPAP Requirements are Communicated in the Manufacturing Process and to Suppliers APQP and PPAP 5
B General Motors and Honda Alliance - What does this mean to suppliers? IATF 16949 - Automotive Quality Systems Standard 3
S Conflict Minerals - Tin Suppliers CMRT Miscellaneous Environmental Standards and EMS Related Discussions 2
T ISO 13485 - Process validation at critical suppliers ISO 13485:2016 - Medical Device Quality Management Systems 7
P Mylar plot suppliers in accordance with D6-51991 document AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
T Reaction Plan To Drive suppliers to IATF 16949 registration IATF 16949 - Automotive Quality Systems Standard 6
I Approved Suppliers ISO/IEC 17025:2017 and used test equipment ISO 17025 related Discussions 6
C Critical Suppliers for EU medical device approvals May 2020 EU Medical Device Regulations 1
M Who should receive the bills from suppliers and vendors, account payable or procurement? Consultants and Consulting 4
P Qualifying commercial off the shelf (COTS) external suppliers ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
Nicole Desouza Are Shipping Companies Suppliers? Manufacturing and Related Processes 4
J Painted cut threads - ASME Pipe Suppliers Manufacturing and Related Processes 6
G ISO 9001 8.4 applied to 7.1.3 - Suppliers of infrastructure requirements - IT and Print solutions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
P IATF 16949 Clause 8.4.2.3 - Justification for non-certified suppliers IATF 16949 - Automotive Quality Systems Standard 14
J Requirements for customer directed suppliers Customer and Company Specific Requirements 5
R Supplier Controls we can place on Single-Source Suppliers ISO 13485:2016 - Medical Device Quality Management Systems 2
L Audit boundaries - Is a Registrar permitted to audit a company's QMS by visiting their suppliers? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 26
R ISO 9001 versus ISO 13485 for Suppliers to Medical Device Companies ISO 13485:2016 - Medical Device Quality Management Systems 2

Similar threads

Top Bottom