Risk Management
| << Back | Download |
HIPAA/HITECH Resources
OMIC Business Associate Agreement
OMIC has completed its revision of the HIPAA Business Associate (BA) Agreement it maintains between itself and each of its insureds. You can download a copy here: Business Associate Agreement-OMIC-9.1.2013. A hard copy is also being sent to OMIC insureds by mail. Please understand that because OMIC has 4,500 physician insureds, it would be administratively burdensome for OMIC to review and sign individual BA Agreements provided by each of its insureds. OMIC’s BA Agreement meets the latest HIPAA and HITECH standards as promulgated in the Omnibus HIPAA/HITECH Final Rule and is the only BA Agreement that OMIC will maintain between itself and its insureds. Please retain your copy of the OMIC BA Agreement with your HIPAA compliance materials.
Sample Documents for Your Practice
OMIC has drafted several sample documents that you may download and use in your practice. These samples are a starting point for ophthalmology practices. They should be customized, as necessary, to meet your practice’s specific needs and circumstances. These materials do not constitute the provision of legal advice by OMIC and are not a substitute for legal or professional advice.
- Sample Notice of Privacy Practices
- Sample Notice of Privacy Practices Acknowledgment
- Sample Authorization for Use and Disclosure of Health Information
- Sample Business Associate Agreement
- Sample Breach Notification Letter to Patients
- Sample Breach Notification Policy
The Department of Health and Human Services (HHS) has also created several sample documents for use in your practice. The can be found by following these links:
Guidance Tools
The American Medical Association has prepared a booklet explaining the changes to the HIPAA regulations: AMA HIPAA Privacy and Security Toolkit.
See also the following free resources, which include webinars and guidance documents to train yourself and your staff. The webinar series was presented by the Workgroup for Electronic Data Interchange (WEDI) and the Office of the Inspector General (OIG). The Office of Civil Rights (OCR) has useful guidance documents for physician offices.
- WEDI Webinar Series > HIPAA Privacy and Security Training and Resources
- HIPAA Privacy Page
- Omnibus Rule
- OCR’s Protecting Patient Rights Resource Center (Registration Required)
- Are You a Covered Entity?
- For Small Providers, Small Health Plans, and Other Small Businesses
- Summary/Guidance on Significant Aspects of the Privacy and Security Rules
- Fast Facts for Covered Entities
- Business Associates FAQs
- Security Rule Guidance Material
- Guidance on Risk Analysis
- Mobile Device Security
- Communicating with a Patient’s Family, Friends, or Others Involved in The Patient’s Care
- FAQs About the Disposal of Protected Health Information
- Training Materials on the HIPAA Privacy Rule
- Resources for Consumer
Please refer to OMIC's Copyright and Disclaimer regarding the contents on this website
