As a result of the Health Information Technology for Economic and Clinical Health Act (HITECH), many businesses which weren’t subject to the Health Insurance Portability and Accountability Act (HIPAA) are suddenly struggling to understand their requirements and responsibilities under HIPAA. For example, the session will cover requirements and responsibilities related to negotiating contracts, accepting liability, providing indemnity and complying with federal requirements. This session will also discuss Business Associate Agreements: who is subject, what a subject entity is required to do (and what they’re not required to do), and what that means for their business –– especially if the business isn’t actually in the healthcare field. This includes an understanding of what should and shouldn’t be in the agreement; what may seem to be boilerplate should be carefully examined. A basic understanding of HIPAA requirements will be helpful for this session.