The HIPAA Privacy Rule and the Need for a Business Associate Agreement

You’re a covered entity (your company processes, stores or transfers any type of patient information), and you’re outsourcing your HIPAA hosting services to a third party (an IT vendor, a billing company, etc.).

But before you can do that, you need to sign a business associate agreement (BAA) with your business associate (BA), according to the HIPAA Privacy Rule. But what’s in a business associate agreement contract?

The U.S. Department of Health and Human Resources (HHS) has a sample business associate contract available on its site listing all the provisions for those that are curious.

READ

10 Simple Rules for Creating a Good Data Management Plan

While this shouldn’t be copied precisely and is more of a guide than a complete document, it does offer insight into the general terms that a BAA should address, with the addition of customized provisions specific to certain companies’ needs.

A summary of the primary provisions include:

Obligations and Activities of Business Associate
- No use or disclosure of protected health information (PHI) unless it’s permitted or required by law.
- Must use proper safeguards to prevent use or disclosure of PHI.
- Mitigation in the event of a data breach.
- Must report any use or disclosure of PHI.
- Ensures others (subcontractors) agree to the same BAA.
- Allows CE access PHI.
- Must create documented HIPAA policies and procedures.
- Document any PHI disclosures.
Permitted Users and Disclosures by Business Associate
- Specifies when BA can use or disclose PHI on behalf of the CE.
Specific Use and Disclosure Provisions (if applicable)
- When or why a BA would disclose or use any PHI, to report law violations, with CE permission, or to provide any kind of data aggregation reports to the CE).
Obligations of Covered Entity
- The CE will notify the BA of any changes in permission (including restrictions or revocation) of the individual to use or disclose PHI.
Permissible Requests by Covered Entity
- Terms and effective dates
- How PHI will be handled after termination (returned or destroyed)
- Reasons for termination

READ

3 Ways to Keep your Websites and Apps Stable and Scalable

If you’re a covered entity, protect your company and your patients/clients by signing a thorough BAA. As a best practice recommended for HIPAA compliance, it will only strengthen your ability to pass a HIPAA audit, should the auditors come to your door.

Have other questions about compliance and BAAs? Read our HIPAA FAQ to find answers about BAs, hosting and agreements.

Source:
Business Associate Contracts

You must log in to post a comment.

5 Ways Big Data is Transforming Customer Service

Data Mining Can Be a Game Changer for Small Businesses

Modern Mac Malware Is Worse Than Your Wildest Dreams

The World of Digital Marketing Has Certainly Evolved

Education and the Blockchain – Should We be Teaching Blockchain in Schools?

Leveraging Data with Business Intelligence Analytics Tools

How the Internet of Things is Changing Big Data Analytics

Can Business Intelligence Answer the Questions Asked of it Without Big Data?

6 Ways Big Data Analytics Is Changing the E-Commerce Industry

How to Overcome Data Visualisation Problems

Current Landscape and Applications of Blockchain Explained

How Big Data Is Driving Airline Loyalty Programs

The Enterprise Graph – From Connections To Customer Insights

Can Smart Data Ensure Cybersecurity and Data Protection?

5 Ways Big Data Is Transforming Finance

Big Data is Cutting Spreads and Making Forex Trading More Cost-Effective

Why Every College Student Should Study Predictive Analytics

Dark Data: The hidden billion dollar opportunity

Quality vs Quantity in Customer Service Analytics

4 Customer Retention Metrics for Data-Driven Ecommerce

Emotions: The Next (but not new) Frontier in Artificial Intelligence & Cognitive Computing

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

How big data is affecting social media metrics and Facebook ad strategies

Report: Brands Use Advanced Analytics to Reach Double Digit Growth

Dark Data: The hidden billion dollar opportunity

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

How to Be a Text Analytics Rock Star in your Organization

Text Analytics: It’s Not Just for BIG Data

The Smart Data Lake Imperative

Data-Driven Facts for Better Blogging

How to Make Site Search a Conversion Tool

Get The Best Out Of Your Marketing Strategy By Integrating Analytics

The Types of Simple Queries Businesses Need to Ask that Spark Growth

How Did Big Data Create a Modern Day Manufacturing Workforce?

The 7 Biggest Data Trends to Watch in Finance for 2017

Taking Data Visibility to the Office Walls

What Led to the Recent Huge Buzz Around Analytics?

Big Data, Data Mining and Machine Learning: Deriving Value for Business

How Can Big Data Solve the Challenges of E-Commerce Personalization?

5 Ways Big Data is Transforming Customer Service

Leveraging Data with Business Intelligence Analytics Tools

Big Data, Data Mining and Machine Learning: Deriving Value for Business

Data Mining Can Be a Game Changer for Small Businesses

Overcoming the Challenges of Big Data Clustering

5 Challenges Your Company Has to Overcome to Succeed in Data Mining

Can Smart Data Ensure Cybersecurity and Data Protection?

How to Overcome Data Visualisation Problems

How Human Centered Design and Big Data Are Merging in 2017

How to Scale Your Big Data Project Effectively

How to Overcome Data Visualisation Problems

Data Driven: 5 Ways Automakers Use Big Data to Improve Their Products

Taking Data Visibility to the Office Walls

6 Key Capabilities an Embeddable Analytics Software Should Deliver

Dropbox or Box – Which Cloud Storage For Small Businesses

Overcoming the Challenges of Big Data Clustering

What is an Enterprise Data Warehouse?

How Much Is Data Center Downtime Costing You?

Social Media and Big Data Are Creating a New Generation of Millionaires

Can Smart Data Ensure Cybersecurity and Data Protection?

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

Are Instagram Stories a Big Data Goldmine?

The 7 Biggest Data Trends to Watch in Finance for 2017

Data Driven: 5 Ways Automakers Use Big Data to Improve Their Products

Thinking Efficiency: IT, OT, And The Issue Of Migration

Is Big Data Security Still Lacking?

Leveraging Data with Business Intelligence Analytics Tools

How to Apply Agile Marketing Strategies to Data Driven Enterprises

Robots Could Hold Nearly 40 Percent of American Jobs by Early 2030s

Data Mining Can Be a Game Changer for Small Businesses

Robots Could Hold Nearly 40 Percent of American Jobs by Early 2030s

Big Data is Leading the Fight Against Fake News

Keep calm, AI is not About to Make Marketers Obsolete

Musk vs. Zuckerberg: Who’s Right About AI?

The Enterprise Graph – From Connections To Customer Insights

Will Predictive Analytics and POS Save Small Retailers from Extinction?

Leveraging The Cloud, New Technology and Video To Effectively Manage A Growing Global Workforce

In a World Full of Data, Can Analytics See the Market Trends?

Key Points from Microsoft Dynamics 365 Tech Conference

Customer Feedback and Data Analysis: The Keys to a Good Customer Retention Rate

How Businesses Can Profit From Mobile Apps