Business Associates Agreement


An insured company staff member is NOT a business partner, nor is it someone who can accidentally find patient information (such as a janitor or electrician). If you have a question about the compliance of trading partners, let us know info@hipaaetool.com. 2) assess whether trading partners comply with the HIPAA General Committee. The data protection rule requires that a covered entity receive satisfactory assurances from its counterparty that the counterparty adequately protects the protected health information it receives or creates on behalf of the entity concerned. Satisfactory assurances must be made in writing, either in the form of a contract or other agreement between the covered entity and the counterparty. Question: I have a response system company and we never hear medical information, only a patient`s name and number for a recall. Doesn`t that mean that we don`t receive protected health information, so we`re not a business partner, but just a regular provider? If this agreement is terminated for any reason, the counterparty is entitled to protected health information obtained by companies covered or created, maintained or received by a counterparty on behalf of an insured company: the definition of a consideration is quite simple. According to the Ministry of Health and Human Services, a consideration is: (d) counterparties cannot use or disclose protected health information in one way or another: that would be contrary to subsection E of 45 CFR Part 164 if done by an insured unit [if the agreement allows the counterparty to use or disclose protected health information for its own management and management and legal responsibilities, or for data aggregation services, in accordance with the following optional provisions, (f) or (g), add, with the exception of the uses and specific information below.” Matching contracts. The contract of a covered company or any other written agreement with its counterparty contains the elements covered in paragraph 45 CFR 164.504 (e). The contract must, for example. B Describe the authorized and necessary use of health information protected by the counterparty; provide that the counterparty will not continue to use or disclose protected health information, with the exception of the contract or the law; and require the counterpart to adopt appropriate security measures to prevent the use or disclosure of protected health information that is not provided for by the contract. If a covered entity is aware of a significant violation or violation by the counterparty of the contract or agreement, the covered entity is required to take appropriate steps to correct the violation or terminate the violation and if such measures are inconclusive, to terminate the contract or agreement.

Pin It