Suppose you are a third-party vendor or a business that handles private health information. If that is the case, you should consider using a business associate agreement template to ensure you always have contracts on hand.
Health care operations must maintain proper management of all personally identifiable information. Internal practices for a company must create rules for safeguarding privacy, as required by law. Sometimes this means an organization must agree to ensure no third-party company they hire can identify people through personal information.
For example: A hospital needs to upgrade its cyber security for its internet. They hire a third party to come in and upgrade their systems. As a security role, that third party may or may not have access to electronically protected health information. The third-party company must sign a business associate agreement so they know how to proceed in accordance with HIPAA law.
There are laws associated with protecting specific, identifiable health information. These laws fall under the Health Insurance Portability and Accountability Act (HIPAA) umbrella. Any third-party service provider with access to protected information under these laws must be required to extend protection in how they handle that sensitive health information and maintain company-wide compliance with the law. Legally, HIPAA requires a business associate agreement form to be filled out between parties where personal information is involved.
Any entity that has a third-party service provider come into contact with sensitive
protected health information (PHI), needs a BAA form.
A covered entity is an organization that is legally required to comply with HIPAA laws. This can include healthcare clearinghouses, companies that provide health care plans, and healthcare providers themselves. Covered entities have to follow the HIPAA privacy rules so they can disclose PHI to other covered entities without having to sign a formal business associate agreement. However, any business that is not considered a covered entity must sign a business associate agreement for the covered entity they do business with.
PHI stands for protected health information. This means any identifiable health information that could be used to figure out someone’s identity. This type of information could include someone’s full name, social security number, address, or medical data like payments for healthcare past, present, and future. It extends to the type of health care that an individual has, what kind of medical services they have received, and their past or future physical and mental health.
A business associate is an individual, organization, or agency with access to protected health information while performing some other service. Pharmacy benefit managers, independent medical transcriptionists, and regular consultants could be considered business associates in many circumstances. An accountant might need access to personal health information. A healthcare clearinghouse that translates claims into standard transactions for the healthcare provider will gain access to protected health information during their services.
You must start your agreement with the effective date. That date launches the point from which the business associate is held to the restrictions within the document and potentially liable for mistakes.
Here you list the covered entity by name and type or status.
In the section, you explain the business associates’ names and types of businesses.
This is where you include information on how notices are sent, typically the physical mailing addresses, email addresses, and phone numbers for all parties involved.
In this section, put information on what restrictions the business associate has, what safeguards they have to implement, how and when they report breaches, whether they have to destroy all information at the termination of the agreement, etc.
Don’t forget to have everyone sign the agreement.
Please consider that this is a non-exhaustive list but just a few main things this agreement should have.
You might consider using a business associate agreement form or template when you write a business associate agreement. A business associate agreement template makes it much easier for you to modify an existing structure to best fit your needs without the risk of accidentally excluding an important part. You can check and save PDF template to streamline your contract workflow.
An effective agreement will stipulate that the business associate is not allowed to use or further disclose any information aside from what is permitted by the contractor and what is required by law. So, make sure that you coordinate all the details carefully with the counterpart.
You can download the template to fill in all the agreed details in Microsoft Word. It will help you to ensure that all key sections are included.
When you use this babysitter agreement PDF, you assume all responsibility and liability. No legal responsibility is retained by Lawrina for the accuracy, reliability, or functionality of the legal document.
The unprofessional use of this legal form or other templates on this website could result in direct or indirect losses or damages. By downloading, printing, or using this agreement, you accept all liability for any loss or damage you may suffer.
Frequently Asked Questions