What is the intent of business associate agreements?
One of the purposes of HIPAA again is to safeguard protected health information (PHI). To the extent you have control of protected health information, you must take appropriate steps to accomplish this security. In a medical practice, many of the provisions of this rule apply to business associates who have contact with you and, therefore, access to PHI. You cannot release or disclose PHI to business associates unless both parties have a business associate agreement in place. The business associate agreement must contain a confidentiality clause that holds the business associate accountable for protecting PHI. The business associate cannot use or further disclose the information in any way that violates the Privacy Rule. When a relationship with a business associate ends, the business associate must return or destroy all PHI within a reasonable time frame. Who qualifies as a business associate? A business associate is any person with whom the practice discloses protected health informa
Related Questions
- Besides developing business associate agreements, how can we ensure that our business associates comply with HIPAA?
- What is the difference between business associate agreements and chain of trust partner agreements?
- Do we need to obtain business associate agreements with janitorial services and copier services?
