Online Reporting
 Bactes Pro Archive
                              





Business Associate

What is a Business Associate?

A business associate is a person or entity who provides certain functions, activities or services for or to a covered entity, involving the use and/or disclosure of protected health information.

The business associate provisions of HIPAA were adopted out of concern that covered entities routinely disclose protected health information to a wide range of third parties. Because the privacy law only applies to covered entities, the business associate rule places restriction on third parties who perform certain functions on behalf of a covered entity and receive protected health information. Without restrictions on these disclosures, the protections intended by HIPAA would not cover a significant amount of protected health information that is disclosed to business associates.

Under HIPAA, the privacy law requires covered entities to have written agreements and satisfactory assurances that the information they disclose to their business associates will remain confidential, only to be used for the intended purpose, safeguard the information from misuses, and will assist the covered entity with complying with their responsibilities under the privacy rule. This information must only be provided to a business associate to help the covered entity carry out their health care function, not for independent use by the business associate.

A Business Associate Agreement requires that BACTES:
  • Use the information disclosed only for the permitted purpose
  • Prevent the disclosure of all protected health information to anyone not authorized to receive it
  • Report any use or disclosure of information not provided for by the agreement
  • Use appropriate safeguards to prevent the use or disclosure of information other than as provided by the agreement
  • Ensure that subcontractors or agents to whom protected health information is provided agree to the same restrictions and conditions
  • Make protected health information available to the individual about whom the information pertains for amendment or top provide an "accounting of disclosures"
  • Make available to the Department of Health and Human Services Secretary the business associate's internal practices, books, and records relating to the use and disclosure of protected health information, if requested
  • Return or destroy all protected health information received from the covered entity at termination of the agreement
  • Authorize termination of the agreement by the covered entity upon determination that the business associate violated a material term of the agreement. Only applies if corrective action is not taken within 10 days of disclosure.

         As one of the value added service that BactesProvides, we have created a HIPAA based sample BAA for you to use or modify to fulfill your requirements as a covered entity.

     Click Here For Sample Business Associate Agreement  

     

     

     
Home   --   About BACTES  --  Services   --   Benefits   --   HIPAA  --   Contact Us
© All Rights Reserved, BACTES  2006