The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a fact sheet clarifying violations of HIPAA (Health Insurance Portability and Accountability Act of 1996) for which a business associate can be held directly liable. The fact sheet outlines 10 specific circumstances for which OCR has authority to take enforcement action against a business associate. OCR’s clarification offers long-awaited clarity to business associates contemplating their own HIPAA liability at a time when enforcement against business associates has been on a steady rise.

To read more on the new fact sheet, click here.