AlertBoot Reminder: HIPAA Business Associates Have Less Than 120 Days Until Full Compliance With Omnibus Final Rule Deadline

Share Article

Business associates to HIPAA covered-entities must act as soon as possible to comply with Security Rules

AlertBoot's encryption services can be of help if a BA is pressed for time. AlertBoot was designed to protect clients' devices within hours.

Business associates (BA) to HIPAA covered-entities are reminded by AlertBoot, a leading provider of mobile device management and full disk encryption managed services, that compliance with the HIPAA Omnibus Final Rule, whose deadline is September 23, 2013, is less than 120 days away.

The Final Rule mandates sweeping changes to privacy protections for patients' protected health information (PHI), and is quite extensive in its requirements. BAs will be held accountable for data breaches and can be penalized for noncompliance when audited by the Department of Health and Human Services.

"Business associates account for twenty percent of data breaches displayed in the HIPAA 'Wall of Shame.' It's unsurprising, then, that the Final Rule subject BAs to the same penalties as covered-entities," noted Tim Maliyil, founder and CEO of AlertBoot Data Security. "While the maximum penalty is $1.5 million, multiple violations can push a fine over the printed limit. It's a very high price to pay, especially when big parts of it can be avoided by using encryption to protect laptops and smartphones."

Business associates also face increased risk because the Final Rule removed the "harm standard." This standard allowed organizations to self-assess whether the loss of PHI data represented a risk to patients. Under the Final Rule, lost or stolen PHI are automatically assumed to be a data breach and subject to the Data Breach Rule, although safe harbor is granted if encryption was used to protect the data.

Continued Maliyil, "Many BAs tend to be small and medium sized businesses, and complying with the updated HIPAA rules can be daunting. Trying to do everything in less than 120 days could spell disaster. Thankfully, AlertBoot's encryption services can be of help if a BA is pressed for time. AlertBoot was designed to protect clients' devices within hours, although most spread its deployment over a number of days."

AlertBoot Mobile Security, for smartphones and tablets, and AlertBoot Full Disk Encryption, for laptop computers, are mobile data protection and security solutions that leverage the cloud to speed up the process of deploying, installing, and maintaining encryption. Many companies have gone from signing up for service to securing hundreds of endpoints in a matter of days, easily beating project deadlines by a very wide margin.

And, with the cloud component only used for managing encryption and other computer policies, clients concerned about HIPAA can rest easy knowing their PHI remains in their devices.

About AlertBoot
AlertBoot Data Security offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a secure web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe and lock, device auditing, USB drive and hard disk encryption managed services.

Headquartered in Las Vegas, AlertBoot is trusted by thousands of companies worldwide as part of their bring your own device (BYOD) and mobile information management (MIM) strategy.

For more information on AlertBoot Mobile Security solutions, please visit

Contact Information
Media Contact:
Sang Lee
VP Communications
+1 702-659-8890 x3734

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Sang Lee
+1 702-659-8890 x3734
Email >
Visit website