Covered entities leverage their relationships with business associates to provide healthcare information
services, such as cloud storage of data, processing of billing information, and other IT functions. For this
discussion:
Explain how this relationship is controlled by HIPAA, emphasizing the critical role of PHI.
Explain the categories of security required by HIPAA and give examples of how they are implemented in a
third-party relationship.
Give several examples of third-party businesses that do not need access to protected health information
(PHI) to conduct their business and several examples that do require access to PHI to perform their
function as a contractor.