A compliant vendor management system is at the heart of a HIPAA Business Associate Agreement (BAA). A vendor management agreement sets out the relationship between the technology vendors for a Business Associate, right from EHR vendors to IT consultants. It also includes cloud-based email and file services, which are potentially vulnerable to cyberattacks and data breaches.
So, it is extremely crucial to get a vendor management program right. The good news is that HIPAA sets out the ways by which to devise a vendor management program which will offer a means for protecting the organization and ensuring that privacy and security is covered everywhere, irrespective of whether the systems are in-house or managed by a HIPAA Business Associate.
So, the key to putting an effective and robust vendor management program is to ensure that it is compliant with the requirements set out by HIPAA. This is the only real means…
View original post 467 more words