Have you received a new business associate agreement (BAA) from carriers you work with? Carriers are demanding their agents and brokers prove they are HIPAA-compliant. Why is this happening? What does it mean to your agency? Do you have to take any steps to comply with Europe's General Data Protection Regulation (GDPR)?