To: Cancer Committees - Commission on Cancer Approved Cancer Programs
From: David P. Winchester, MD, FACS, Medical Director, Cancer Programs, and Connie Bura, Administrative Director, Cancer Programs
Date: November 11, 2002
Re: HIPAA - The Business Associate Agreement and Frequently Asked Questions
The Commission on Cancer is committed to implementing appropriate policies, procedures, and information systems to comply with the rules and regulations concerning privacy of patient data under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). The American College of Surgeons (ACoS) has assessed its computer systems, policies, procedures, practices, and security and developed appropriate strategies to comply fully with the final HIPAA regulations released on August 14, 2002 in the Federal Registry. We have securely stored our databases and data. Access is password protected. Staff has received appropriate training regarding security standards and access to data. No access will be permitted to unauthorized staff. Lastly, we will maintain open lines of communication with providers, as well as legislative and regulatory bodies, to ensure the College's activities are HIPAA compliant.
HIPAA aims to improve efficiency in healthcare delivery by standardizing electronic data interchange ("EDI") and protecting the confidentiality and security of patient data.
The Act specifies the following as "covered entities": healthcare providers, health plans, and healthcare clearinghouses. Since the College does not fall within the criteria for a "covered entity," the regulations call for the College to become a "business associate." The Privacy Rule defines a "business associate" as persons or organizations that perform activities such as quality assurance and improvement or accreditation functions for a covered entity (§ 160.103).
The College is committed to complying with the HIPAA patient privacy rules as a "business associate" and will enter into a business associate agreement with each of our participating facilities in order to assist them with their health care operations. We will provide participating facilities an analysis of their own data and aggregated comparative data on outcomes for the purpose of quality improvement. Click here for a copy of the College's Business Associate Agreement (25K PDF) for your review and information. Please do not sign and return this version. An electronic signature version will be made available on our Web site for facilities to read and sign at the time they are responding to the NCDB 2002 Call for Data (November 15 - December 31, 2002).
In an effort to address some of our constituents' concerns related to HIPAA, we have included a list of Frequently Asked Questions (FAQs) (65K PDF) about HIPAA and responses for your information. If you have additional questions about HIPAA, please forward them to Asa Carter at acarter@facs.org.
Revised June 25, 2007