The web of companies tied together through HIPAA coverage is increasingly opaque and complex. You could certainly ask every entity downstream of your medical practice to give you the right to approve their subcontractors or simply shut your practice off from outside access, but neither of these options is realistic.
Why You Need HIPAA Coverage
With the move to centralized health records on the cloud, coupled with the rise in cybercrime, your patient records are at risk no matter how many BAAs you sign. HIPAA insurance as part of your professional liability insurance is the coverage that can keep your practice afloat despite a breach.
What HIPAA Insurance Covers
When you discover a breach of PHI or it is reported to you by one of your contractors you have a limited time in which to respond. You will have to contact everyone who could potentially be affected by the breach. You may have even agreed in your BAA to provide credit monitoring for anyone affected by a breach.
Beyond these costs, you could be liable for fines and penalties issued by the OCR. HIPAA coverage can pay for all or most of these costs.
Don’t consider a HIPAA breach as an “if” but a “when” and protect your business finances accordingly.