Business associate agreement

Business Associate Agreement

Learn more about the new B.A.A. statutes

MedSafe helped us to achieve workplace compliance for all with easy-to-follow training.  They have provided me with peace of mind in a ever-changing medical environment.
~ Amanda Hoyle, Practice Manager, Venous Institute of Buffalo Inc., Amherst, NY

Business Associate Agreement

The Business Associate Agreement and HIPAA/HITECH rules require your practice to sign a contract with all business associates you have that ensures that they will protect any patient's PHI you provide to them in the same manner as you are required under the rule.

There are several HIPAA and HITECH requirements concerning business associate contracts. Attention should be paid to the use of contracts for business associates on the subject of Internet hosted or non-hosted practice management/EHR applications. This is important because of the HITECH Act’s requirements for the promotion of health information technology.

Who to Contract with

Here are some basic rules for identifying who is a business associate:

  • Employees are not business associates. Business associates are contracted, not employed. 
  • A business associate provides a service necessary to run the healthcare organization such as billing, collections, practice management consulting, etc. Research, fund-raising activities and marketing are not considered core business operations functions.
  • The business associate is usually not "a covered entity" under HIPAA and works outside of the patient's treatment relationship.
  • The business associate needs patient information in order perform its task.
  • The business associate usually keeps the patient PHI with which it is provided.

Click below if you are interested in our HIPAA Compliance Program.

OSHA Compliance

Bloodborne Pathogens

Hazard Communication

Fire Safety

General Safety

Infection Control

HIPAA/HITECH

Privacy and Security

Business Associate Agreement

Breach Notification

Security Risk Assessment

Corporate Compliance

Written Compliance Plan

Code of Conduct

Staff Training

Auditing and Monitoring

Laws and Penalties

Compliance Hotline

Billing Compliance

E&M Audit and Training

EMR/EHR Assessment

Diagnosis Coding and Modifiers

Path Guidelines

Incident To

Additional Resources

Badges for Monitoring Toxic Vapors

Hazardous Product Labels

SDS Management

Document Library

Federal & State Posters

We were so impressed. An amazing job. The best training we've ever had. Your compliance consultant was interesting, quick and on-the-ball. We actually learned something!
~ Betsy Ott, Administrative Assistant, Goldstein Rosenberg's Raphael-Sacks Funeral Home, Philadelphia, Pa