Privacy and Security Rule Modifications

The page below is a sample from the LabCE course HIPAA Privacy and Security Rules.

The Omnibus Rule modified the Privacy and Security Rules to reflect PHI protection required in the digital age:
Business Associate Liability
  • Business associates of covered entities are directly liable for compliance with certain requirements of the HIPAA Privacy and Security Rules.
  • Business associate subcontractors are liable and must agree to the same restrictions and conditions that apply to the business associate, if the subcontractor creates or receives PHI.
    • A subcontractor may not use PHI in any way that is not permitted by the business associate agreement (BAA) between the primary business associate and the covered entity.
    • The BAA between the business associate and the subcontractor must be at least as stringent as the BAA between the covered entity and the business associate.
  • Limitations on the use and disclosure of protected health information (PHI) for marketing and fundraising purposes are strengthened.
Safeguards
  • Physical, administrative, and technical safeguards for both Rules are required.
  • Safeguards are required to be incorporated by covered entities and business associates.
  • Safeguards extend to the subcontractor level.