Once companies, business partners and covered business partners have identified their relationship, it is important to ensure that third parties protect the POs they receive. A signed agreement proves that the BA knows that they must manage THE PHI. Unlike most contracts, a HIPAA counterparty agreement does not necessarily protect a covered company from financial penalties for violations of the PHI. When an insured company does not receive assurance that a counterparty is able to work in a HIPAA-compliant framework before entering into a contract and then violates the PHI, the covered entity may be considered responsible for the infringement. In the simplest case, a Business Associate Agreement (BAA) is a legal contract between a health care provider and a person or organization that, as part of its services, has access, transmits or stores protected health information (PHI) for the provider. Whether you prefer to call it business associate agreement or, like HIPAA, business Associate Contract, they are both ways an important part of an organization`s efforts to be HIPAA compatible. Below, we`ve put together the basic components and definitions of a HIPAA business association agreement model that you can browse. Keep in mind that ACCORDS are legally binding agreements, so it`s best to have a designated security officer, lawyer or HIPAA compliance solution that will help you navigate these contracts. As a general rule, the BAA also defines the services provided by the counterparty, the nature of the data with which it interacts and deals with the areas relating to injury notifications (for example. B calendars) and sanctions.
1 See in particular the most recent settlements with the Center for Children`s Health, the New England Health System and the Raleigh Orthopaedic Clinic, P.A. of North Carolina. www.hhs.gov/hipaa/newsroom/index.html?language=es. 2 For the purposes of this article, “HIPAA,” reference is made to the Health Insurance Portability and Accountability Act of 1996 and to all changes or procedures of application (including data protection, See 45 CFR 160.103 and 45 CFR 164.504.4 45 CFR 164.504 45 CFR 164.504 www.hhs.gov/hipaa/for-professionals/covered-entities/sample-business-associate-agreement-provisions/index.html.