Hhs Business Associate Agreement

Covered companies may disclose protected health information to a company in its role as a business partner only to assist the insured company in fulfilling its health missions – not for independent use or for the purposes of counterparty, unless it is necessary for the proper management and management of the counterparty. [In addition to other authorized purposes, the parties must indicate whether the counterparty has the right to use protected health information to decipher the information covered by 45 CFR 164.514 (a)-c). The parties may also indicate how the counterparty will detract from the information and authorized uses and advertisements of information not identified by the counterparty.] De-identification. Although HIPAA limits the use of PHI by the business partner for its own purposes, BAA may authorize the business partner to deidentify PHI on behalf of the insured company`s customer. (cf. 45 C.F.R. 164.502 (d)). After identification, the information is no longer protected by HIPAA and, unless agreements between the parties or other laws limit it, the counterparty may use the unidentified information for its own purposes without violating HIPAA. The OCR has published the following FAQ on this subject: [option 1 – if the business partner is to return or destroy all protected health information after the termination of the contract] Business associates functions and activities include: claims processing and management; Data analysis, processing or management Checking usage Quality assurance Settlement of accounts Benefit management Practice management and reassessment. The services provided by trading partners are: legal; actuarial; Accounting; The council data aggregation Administration From an administrative point of view Accreditation and financially. See the definition of “Business Associate” at 45 CFR 160.103.

Contractors who work exclusively for your business, individuals with other customers and employees hired through a company are not business partners. However, your company is liable if one of these people violates the PHI. www.hhs.gov/hipaa/for-professionals/privacy/guidance/business-associates/index.htmlsearchsecurity.techtarget.com/definition/business-associatewww.mwe.com/en/thought-leadership/publications/2013/02/new-hipaa-regulations-affect-business-associates__www.hhs.gov/hipaa/for-professionals/covered-entities/sample-business-associate-agreement-provisions/index.html The power of the counterparty to use or disclose PHIs derives from the authority of the covered entity.

Comments are closed.