The Institute of Professional Practice, Inc. Business Associate Agreement

Size: px
Start display at page:

Download "The Institute of Professional Practice, Inc. Business Associate Agreement"

Transcription

1 The Institute of Professional Practice, Inc. Business Associate Agreement This Business Associate Agreement ( Agreement ) effective on (the Effective Date ) is entered into by and between The Institute of Professional Practice, Inc. [also d/b/a Mid- Atlantic Services Corporation] with its principal place of business at 2096 Airport Road, Berlin, Vermont (the Covered Entity ) and (the Business Associate ). Whereas, the Covered Entity regularly discloses Protected Health Information ( PHI ) to the Business Associate and the Business Associate regularly uses or discloses PHI in its performance of services for the Covered Entity; and Whereas, the Covered Entity and Business Associate intend to comply with the Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) and its associated regulations as modified by the Health Information Technology for Economic and Clinical Health Act ( HITECH Act ); and Whereas, the Covered Entity and Business Associate have entered into that certain Business Associate Agreement dated [ ], and now wish to supersede that Business Associate Agreement in order to comply with HIPAA, as amended by the HIPAA implementing regulations at 45 C.F.R. Parts The HIPAA Privacy Rule is the Standards for Privacy of Individually Identifiable Health Information at 45 C.F.R. part 160 and part 164, subparts A and E. The HIPAA Security Rule is the HIPAA Security Standards (45 C.F.R. Parts 160 and 164, subpart C). The HIPAA Breach Notification Rule is the Notification in the Case of Breach of Unsecured Protected Health Information, as set forth at 45 C.F.R. part 164 subpart D; and Whereas, the Privacy Rule and the Security Rule require the Covered Entity to obtain written assurance that the Business Associate will appropriately safeguard PHI, the parties wish to set forth the terms and conditions pursuant to which PHI that is provided by, created or received by the Business Associate from or on behalf of the Covered Entity, will be handled in accordance with HIPAA. Now, therefore, in consideration of the foregoing and of the mutual covenants and agreements set forth herein the parties agree as follows: 1. Definitions. Terms used, but not otherwise defined, in this Agreement shall have the same meaning as in the Privacy Rule, 45 CFR Part 160, or 45 CFR Part

2 (a) Breach. Breach has the same meaning as that term has in Section of the Health Information Technology for Economic and Clinical Health Act of 2009 ( HITECH Act ) and 45 CFR (b) Electronic Health Record. Electronic Health Record means the same as electronic protected health information in Section 13400(5) of HITECH. (c) Electronic PHI. All references to Electronic PHI mean Electronic Protected Health Information under the Security Rule, 45 CFR (d) Electronic Transactions Rule. Electronic Transactions Rule means the final regulations issued by HHS concerning standard transactions and code sets under 45 CFR Parts 160 and 162. (e) Individual. Individual includes a person who qualifies as a personal representative in accordance with 45 CFR (g). (f) Service Agreement. Service Agreement means the Agreement, dated, as amended, between Covered Entity and Business Associate under which Business Associate provides services for The Institute of Professional Practice, Inc. and persons served by IPPI. (g) Security Incident. Security Incident means the attempted or successful unauthorized access, use, modification, or destruction of information or interference with system operations in an information system containing IPPI s PHI data base. (h) Security Rule. Security Rule means the Security Standards for the Protection of Electronic Protected Health Information at 45 CFR Parts 160 and 162, and Parts 164, Subparts A and C, which shall apply to the Business Associate in the same manner that such sections apply to the Covered Entity. (i) Transaction. Transaction shall have the same meaning given the term transaction in 45 CFR (j) Unsecured Protected Health Information. Unsecured Protected Health Information is PHI that is not secured through the use of a technology or methodology specified by the Secretary of Department of Health and Human Services ( HHS ) in regulations or as otherwise defined in Section 13402(h) of the HITECH Act and 45 CFR Services. Services means the services provided by the Business Associate under the Services Agreement dated [ ] or if there is no written Agreement, the services as described below: Except as otherwise specified herein, the Business Associate may transmit, use, store and disclose PHI only as permitted or required by this Agreement or otherwise as required by law to perform Services. The Business Associate may disclose PHI for the purposes authorized by this Agreement only (a) to its employees, Subcontractors and agents, all as in accordance with Paragraph 3, or (b) as otherwise directed by the Covered Entity to the extent directly related to and necessary for the performance of the 2

3 Services. Business Associate will in the performance of the functions, activities, Services and operations make reasonable efforts to use, to disclose, and to request only the minimum amount of PHI reasonably necessary to accomplish the intended purpose of the use, disclosure or request except that Business Associate shall not be obligated to comply with the minimum-necessary limitation if neither Business Associate nor Covered Entity is required by HIPAA to limit its use, disclosure or request to the minimum necessary. The parties acknowledge that the phrase minimum necessary shall be interpreted in accordance with the HITECH Act and any regulations promulgated thereunder. Business Associate will use, disclose and request, to the extent practicable, only a limited data set (as defined by 45 C.F.R (e)(2)), unless there is need for PHI with direct identifiers (as specified in 45 C.F.R (e)(2)) to accomplish the purpose for which Business Associate is using, disclosing or requesting the PHI. If there is need for PHI with direct identifiers, Business Associate will use, disclose or request only the Minimum Necessary to accomplish the purpose of the use, disclosure or request. 3. Responsibilities of Business Associate. With regard to its use or disclosure of PHI, the Business Associate hereby agrees that it shall: (a) Use or disclose the PHI only as needed to perform Services or its obligations for the Covered Entity, provided that such use or disclosure would not violate the Privacy Rules if done by the Covered Entity. (b) Not use or further disclose PHI other than as permitted or required to perform the Services subject to the provisions of this Agreement or as otherwise required by law. (c) Implement, maintain and use commercially appropriate security safeguards to prevent unauthorized use or disclosure of PHI including the implementation of administrative, physical and technical safeguards (including written policies and procedures) that reasonably and appropriately protect the confidentiality, integrity, and availability of Electronic PHI that it creates, receives, maintains or transmits on behalf of the Covered Entity as required to provide the Services. (d) Mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement. (e) Report to the designated Privacy Officer of the Covered Entity, in writing, any use or disclosure of PHI that is not permitted or required by this Agreement of which Business Associate knew or should have known and/or any Security Incident of which it becomes aware. Business Associate will report the aggregate number of unsuccessful attempts to access, use, disclose, or modify Electronic PHI or to interfere with system operations on an information system containing Covered Entity s Electronic PHI. Such reports shall include the data base access logs to Covered Entity s PHI, including but not limited to logs of unsuccessful attempts to access Covered Entity s PHI as well as Breaches wherever such data is maintained. Such reports shall be provided at least quarterly. Business Associate will report to Covered Entity any successful unauthorized access, use, disclosure, modification, or distribution of Electronic PHI or any successful 3

4 interruption with system operations in an information system containing Electronic PHI, in writing, as soon as reasonably possible. (f) Notify the Privacy Officer of the Covered Entity immediately of any Breach of Unsecured Protected Health Information as soon as discovered. (i.) The notification should include, in the exercise of Business Associate s best efforts and due diligence, the identification of each individual whose Unsecured Protected Health Information has been, or is reasonably believed to have been accessed, acquired or disclosed during such Breach. (ii.) Notification to Individuals by the Business Associate must be made as soon as reasonably possible and not more than 60 days from discovering the Breach. Notification must be coordinated with and approved by the Covered Entity; (iii.) Business Associate will coordinate with Covered Entity in the determination of additional specific actions that will be required of the Covered Entity for mitigation of the Breach; and (iv.) If the Business Associate is a vendor of personal health records, notification of the Breach will need to be made to the Federal Trade Commission. (g) Be responsible for any and all costs associated with the notification and mitigation of a Breach which results in a disclosure of PHI that violates HIPAA. (h) Require all of its employees, representatives, Subcontractors or agents that receive or use or have access to PHI to agree in writing to adhere to the same restrictions and conditions and requirements on the use or disclosure of PHI as are contained herein; moreover, Business Associate shall ensure that any such agent or Subcontractor agrees to implement reasonable and appropriate safeguards to protect PHI including but not limited to having such Subcontractor sign a Business Associate Agreement with the Business Associate which includes provisions at least as stringent as those contained herein. The Business Associate will indemnify and hold IPPI harmless for any and all Breaches of the Agreement by any agent or Subcontractor of the Business Associate in accordance with Section 10 of this Agreement. (i) Provide access, at the request of Covered Entity, and in the time and manner designated by Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 CFR Amend PHI as required under 45 C.F.R as requested by Covered Entity or an Individual Comply with Covered Entity s and/or an Individual s request for restrictions and confidential communications in connection with the disclosure of PHI under 45 C.F.R whenever feasible. (j) Document such disclosure of PHI and information related to such disclosure as would be required for the Covered Entity to respond to a request by an Individual for an accounting of disclosures in accordance with 45 CFR (k) Business Associate will provide in a timely manner, information collected in accordance with paragraph (i) of this section, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 4

5 CFR At Covered Entity s request, Business Associate will provide an accounting as follows: (i) Disclosure Tracking. Business Associate will record each disclosure of Individual s PHI which is not excepted from disclosure accounting under 45 C.F.R that Business Associates makes to Covered Entity or a Third Party. The information about each disclosure that Business Associate must record is (1) the disclosure date; (b) the name and (if known) address of the person or entity to whom Business Associate made the disclosure; (c) a brief description of the PHI disclosed, and (d) a brief statement of the purpose of the disclosure (Items (a)-(c), collectively Disclosure Information ). For repetitive disclosures of Individual s PHI that Business Associate makes for a single purpose to the same person or entity, Business Associate may record (a) the Disclosure Information for the first of these repetitive disclosure, (b) the frequency, periodicity or number of these repetitive disclosures and (c) the date of the last of these repetitive disclosures. (ii) Exceptions from Disclosure Tracking. Business Associate is not required to record Disclosure Information or otherwise account for disclosures of PHI that are excepted by 45 CFR (a). (l) Make available all records, books, agreements, policies and procedures relating to the use and/or disclosure of PHI received from, or created or received by Business Associate on behalf of Covered Entity to Covered Entity or available to HHS in the time and manner determined by the parties or as determined by the Secretary of HHS for purposes of determining the Covered Entity s compliance with the Privacy Rules and Security Rules. With reasonable notice, Covered Entity may audit Business Associate to monitor compliance with this Agreement. Business Associate will promptly correct any violation of this Agreement found by Covered Entity and will certify in writing that the correction has been made. Covered Entity s failure to detect any unsatisfactory practice does not constitute acceptance of the practice or a waiver of Covered Entity s enforcement rights under this Agreement. (m) Upon written request, make available to the Covered Entity within thirty (30) days during normal business hours at Business Associate s offices, all records, books, agreements, policies and procedures relating to the use and/or disclosure of PHI for purposes of enabling the Covered Entity to determine the Business Associate s compliance with the terms of this Agreement. (n) Use the minimum necessary of such PHI it creates or receives for or from Covered Entity for Business Associate s proper management and administration or to carry out Business Associate s legal responsibilities. Business Associate may also use PHI to report violations of law to appropriate Federal and state authorities, consistent with 45 CFR 502(j)(l). (o) Return or destroy the information once this Agreement is terminated, if feasible. If it is not possible to return or destroy the information because of other obligations or legal requirements, the protections of the Agreement will apply until the information is returned or destroyed and no other uses or disclosures may be made except for the purposes that prevented the return or destruction of the information. 5

6 (p) If Business Associate transmits, stores, or receives any covered Electronic PHI on behalf of Covered Entity, comply with all applicable provisions of the Standard Law Electronic Transmissions Rule to the extent required by law, and ensure that any agents that assist Business Associate in conducting Covered Electronic Transactions on behalf of the Covered Entity agree in writing to comply with the standards for Electronic Transactions to the extent required by law and to execute a Business Associate Agreement with Business Associate. Business Associate shall also comply with the National Provider Identifier requirements as set forth in 45 CFR Part 162, if and to the extent applicable. (i) Business Associate will not enter into any trading partner agreement in connection with the conduct of Standard Transactions that (w) changes the definition, data condition, or use of a data element or segment in a Standard Transaction; (x) adds any data element or segment to the maximum defined data set; (y) uses any code or data element that is marked not used in the Standard Transaction s implementation specification or is not in the Standard Transaction s implementation specification; or (z) changes the meaning or intent of the Standard Transaction s implementation specification, as these terms are defined in 45 C.F.R. Part 162. (ii) All communications between Business Associate and Covered Entity that are required to meet the Standards for Electronic Transactions shall do so. (q) Under the Security Rules: (i) Implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of electronic PHI that it receives, maintains, or transmits on behalf of the Covered Entity and which prevent, detect, contain, and correct security violation. (ii) Ensure that any agent, including a subcontractor, to whom Business Associate provides such information, agrees to implement reasonable and appropriate safeguards to protect it, including the entering into Business Associate Agreements with those subcontractors with obligations at least as stringent as those contained in this Agreement and which identify Covered Entity as a third party beneficiary with rights of enforcement in the event of a violation. If the agreement does not identify Covered Entity as a third party beneficiary with rights of enforcement, the Business Associate will indemnify and hold IPPI harmless for any and all Breaches of the Business Associate Agreement by such agent or subcontractor of the Business Associate in accordance with Section 10 of this Agreement. (iii) Immediately report to the Covered Entity any Security Incident of which it becomes aware in accordance with Section 14. Business Associate will upon discovery notify Covered Entity of any Breach of PHI that has not been secured as specified in this Agreement. Business Associate will make such notification without unreasonable delay and in no case later than sixty (60) calendar days after discovery. Business Associate s notice to Covered Entity will identify each Individual whose unsecured PHI has been or is reasonably believed by Business Associate to have been accessed, acquired or disclosed during such Breach. 6

7 (iv) Establish and implement procedures and other reasonable efforts at its own expense for mitigating, to the greatest extent possible, any harmful effects arising from any improper disclosure or use of PHI. (v) Comply with each of the Standards and Implementation Specifications of Sections (Administrative Safeguards), (Physical Safeguards), (Technical Safeguards), and (Policies and Procedures and Documentation Requirements) of the HIPAA Security Rule at 45 C.F.R. Part 164, Subpart C. In complying with these Standards and Implementation Specifications, Business Associate will be guided by the guidance issued annually by the Secretary pursuant to HITECH 13401(c). The foregoing provisions of this subparagraph parallel those in Section (e) of the Privacy Rules, but do not reference use and disclosure or availability of information to the Covered Entity. (r) Not transmit PHI outside the United States without the prior written consent of the Covered Entity. 4. Sale of Information Prohibited. Business Associate agrees that it and its agents and subcontractors are prohibited from directly or indirectly receiving remuneration in exchange for an individual s protected health information, and from directly or indirectly receiving payment for any use or disclosure of PHI for marketing purposes.. 5. Responsibilities of the Covered Entity. With regard to the use or disclosure of PHI by the Business Associate, the Covered Entity hereby agrees: (a) To inform the Business Associate of any changes in the form of notice of privacy practices that the Covered Entity provides to Individuals pursuant to 45 CFR to the extent such changes may affect Business Associate s use or disclosures of PHI and provide the Business Associate a copy of the notice currently in use. (b) To inform the Business Associate of any changes in, or revocation of, the permission by Individual to use or disclose PHI to the extent such PHI changes may affect Business Associate s use or disclosure of PHI. (c) To notify the Business Associate, in writing and in a timely manner, of any restrictions on the use or disclosure of PHI agreed to by the Covered Entity as provided for in 45 CFR (d) Not to request Business Associate to use or disclose PHI in any manner that would not be permissible under the Privacy Rules if done by the Covered Entity. 6. Applicability of State Law. If a state law applicable to the relationship between the Covered Entity and the Business Associate applies additional or more stringent requirements to the parties than those required by HIPAA, the Business Associate agrees to comply with the state law requirements. 7. Mutual Representation and Warranty. Each party represents and warrants to the other party that all of its employees, agents, representatives and members of its work force, whose services may be used to fulfill its respective obligations under this Business 7

8 Associate Agreement, are or shall be appropriately informed of the terms of this Business Associate Agreement, and are under legal obligation to fully comply with all provisions of this Business Associate Agreement. 8. Term and Termination. (a) Term. This Business Associate Agreement shall become effective on the Effective Date and shall terminate when all of the PHI provided by Covered Entity to the Business Associate, or created or received by the Business Associate on behalf of the Covered Entity, is destroyed or returned to the Business Associate, or created or received by the Business Associate on behalf of the Covered Entity, is destroyed or returned to the Covered Entity, or, if it is not feasible to return or destroy PHI, protection is extended to such information in accordance with Section 8(c) below. (b) Termination. Upon Covered Entity s knowledge of a material breach of this Business Associate Agreement by Business Associate, Covered Entity may provide an opportunity for Business Associate to cure the breach or end the violation and may terminate this Agreement and the Services if Business Associate does not cure the breach or end the violation within thirty (30) days. If the Business Associate has breached a material term of the Business Associate Agreement and a cure is not possible, then the Covered Entity may immediately terminate this Business Associate Agreement and the Services. If termination is not feasible, the Covered Entity may report the breach to the Secretary of HHS. (c) Effect of Termination. (i) Except as provided in subparagraph (ii) of this Section, upon termination of this Business Associate Agreement, for any reason, Business Associate shall return or destroy PHI received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity. This provision also shall apply to PHI that is in the possession of subcontractors or agents of Business Associate. Business Associate shall retain no copies of the PHI. (ii) In the event that Business Associate determines that returning or destroying the PHI is not feasible, Business Associate shall provide to Covered Entity notification of the conditions that make return or destruction infeasible. Upon mutual agreement of the parties that return or destruction of PHI is not feasible, Business Associate shall extend the protections of this Business Associate Agreement to such PHI and limit further uses and disclosures of such PHI to those purposes that make the return or destruction not feasible, for so long as Business Associate maintains such PHI. 9. Insurance. Business Associate shall maintain insurance with respect to Business Associate s obligations under this Agreement reasonably satisfactory to Covered Entity and provide, from time to time as requested by Covered Entity, proof of such insurance. 10. Indemnification. Business Associate will indemnify, defend and hold harmless Covered Entity and its respective employees, directors, officers, subcontractors, agents and affiliates from and against all claims, actions, damages, losses, liabilities, fines, penalties, costs or expenses (including without limitation reasonable attorneys fees) suffered by Covered Entity arising from or in connection with any breach of this 8

9 Agreement, or any negligent or wrongful acts or omissions in connection with this Agreement, by Business Associate or by Business Associate s employees, directors, officers, subcontractors, or agents. 11. Survival of Certain Provisions of this Agreement and Previous Agreements. The respective rights and obligations of Business Associate and Covered Entity under the provisions of Sections 3, 4, 8(c) and 10, above, shall survive the termination of this Business Associate Agreement indefinitely. No provision of this Agreement shall be construed to supersede any provision of any previous Business Associate Agreement between the parties that is intended to survive the termination of such Agreement. 12. Amendment. This Business Associate Agreement may not be modified or amended, except in writing as agreed to by each party. 13. No Third Party Beneficiaries. Nothing expressed or implied in this Business Associate Agreement is intended to confer, nor shall anything herein confer, upon any person other than the parties hereto any rights, remedies, obligations, or liabilities whatsoever. 14. Notices. Any notices to be given hereunder shall be made via U.S. Mail or express courier, or hand delivery to the other party s address given below as follows: If to Business Associate: If to Covered Entity: HIPAA Privacy Officer, Michael Farrah The Institute of Professional Practice, Inc. 356 Broad Street, 3 rd Floor Fitchburg, MA Inconsistencies. To the extent of any inconsistencies between the Agreement and this Business Associate Agreement, the terms and conditions of this Business Associate Agreement shall be controlling as to HIPAA-related matters. 16. Interpretation. Any ambiguity in the Agreement shall be resolved in favor of a meaning that permits Covered Entity to comply with the Privacy Rules and Security Rules. The parties agree to amend this Agreement from time to time as necessary for Covered Entity to comply with the requirements of the Privacy and Security Rules, and HIPAA. 17. Service Agreement. This Agreement amends and supersedes any inconsistent provisions in the Service Agreement concerning the subject matter herein to assure that the parties remain in compliance with final regulations and any amendments to the final regulations promulgated by HHS with respect to PHI. 9

10 IN WITNESS WHEREOF, the parties hereto hereby execute this Agreement as of the Effective Date. Business Associate Witness By: Name: Title: Date: The Institute of Professional Practice, Inc. Witness By: Name: Michael Farrah Title: Privacy Officer Date: s:\ippi\client hippa policy april 2010\2013amendedclienthippaa\02. tab 2-business associate agreementcovered entity21210.doc 10

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT is made and entered into as of the day of, 2013 ( Effective Date ), by and between [Physician Practice] on behalf of itself and each of its

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (this Agreement ), effective as of May 1, 2014 (the Effective Date ), by and between ( Covered Entity ) and Orchard Software Corporation,

More information

Please print the attached document, sign and return to privacy@covermymeds.com or contact Erica Van Treese, Account Manager, Provider Relations &

Please print the attached document, sign and return to privacy@covermymeds.com or contact Erica Van Treese, Account Manager, Provider Relations & Please print the attached document, sign and return to privacy@covermymeds.com or contact Erica Van Treese, Account Manager, Provider Relations & Solutions. Office: 866-452-5017, Fax: 615-379-2541, evantreese@covermymeds.com

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT Please complete the following and return signed via Fax: 919-785-1205 via Mail: Aesthetic & Reconstructive Plastic Surgery, PLLC 2304 Wesvill Court Suite 360 Raleigh, NC 27607

More information

SAMPLE BUSINESS ASSOCIATE AGREEMENT

SAMPLE BUSINESS ASSOCIATE AGREEMENT SAMPLE BUSINESS ASSOCIATE AGREEMENT This is a draft business associate agreement based on the template provided by HHS. It is not intended to be used as is and you should only use the agreement after you

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Business Associate Agreement (this "Agreement") is made as of, 201_ (the Effective Date ), and is entered into between ( Covered Entity ) and Delta Business System, Inc.

More information

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( Agreement ) dated as of the signature below, (the Effective Date ), is entered into by and between the signing organization

More information

BUSINESS ASSOCIATE ADDENDUM

BUSINESS ASSOCIATE ADDENDUM BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum ( Addendum ) is entered into this day of 2014. Perry Memorial Hospital ( Covered Entity ) and [ABC Company] ( Business Associate ) referred

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement and is made between BEST Life and Health Insurance Company ( BEST Life ) and ( Business Associate ). RECITALS WHEREAS, the U.S.

More information

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT EXHIBIT C BUSINESS ASSOCIATE AGREEMENT THIS AGREEMENT is made and entered into by and between ( Covered Entity ) and KHIN ( Business Associate ). This Agreement is effective as of, 20 ( Effective Date

More information

BUSINESS ASSOCIATE AGREEMENT Health Insurance Portability and Accountability Act (HIPAA)

BUSINESS ASSOCIATE AGREEMENT Health Insurance Portability and Accountability Act (HIPAA) BUSINESS ASSOCIATE AGREEMENT Health Insurance Portability and Accountability Act (HIPAA) This Business Associate Agreement (the Agreement ) is made and entered into as of [Date] (hereinafter Effective

More information

BUSINESS ASSOCIATE AGREEMENT First Choice Community Healthcare, Inc.

BUSINESS ASSOCIATE AGREEMENT First Choice Community Healthcare, Inc. BUSINESS ASSOCIATE AGREEMENT First Choice Community Healthcare, Inc. THIS BUSINESS ASSOCIATE AGREEMENT (BAA) is entered into by and between First Choice Community Healthcare, with a principal place of

More information

This form may not be modified without prior approval from the Department of Justice.

This form may not be modified without prior approval from the Department of Justice. This form may not be modified without prior approval from the Department of Justice. Delete this header in execution (signature) version of agreement. HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) by and between (hereinafter known as Covered Entity ) and Office Ally, LLC. (hereinafter known as Business Associate ), and

More information

UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S):

UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S): UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S): THIS AGREEMENT is made by and between UNIVERSITY PHYSICIANS OF BROOKLYN, INC., located at 450 Clarkson Ave., Brooklyn,

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ("Agreement") is made and is effective as of the date of electronic signature("effective Date") between Name of Organization ("Covered

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the "Agreement") is made and entered into this day of,, by and between Quicktate and idictate ("Business Associate") and ("Covered Entity").

More information

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308)

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) HIPAA Business Associate Agreement Sample Notice Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) The information provided in this document does not constitute, and is no substitute

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Business Associate Agreement (this Agreement ) is entered into as of _September 23_, 2013, (the Effective Date ) by and between Denise T. Nguyen, DDS, PC ( Dental Practice

More information

Tulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY

Tulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY Tulane University DEPARTMENT: General Counsel s POLICY DESCRIPTION: Business Associates Office -- HIPAA Agreement PAGE: 1 of 1 APPROVED: April 1, 2003 REVISED: November 29, 2004, December 1, 2008, October

More information

BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION

BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION This Agreement governs the provision of Protected Health Information ("PHI") (as defined in 45 C.F.R.

More information

HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN. Stewart C. Miller & Co., Inc. (Business Associate) AND

HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN. Stewart C. Miller & Co., Inc. (Business Associate) AND HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN Stewart C. Miller & Co., Inc. (Business Associate) AND City of West Lafayette Flexible Spending Plan (Covered Entity) TABLE OF CONTENTS

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (the AGREEMENT ) is entered into this (the "Effective Date"), between Delta Dental of Tennessee ( Covered Entity ) and ( Business Associate

More information

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM BETWEEN The Division of Health Care Financing and Policy Herein after referred to as the Covered Entity and (Enter Business

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT The parties to this ( Agreement ) are, a _New York_ corporation ( Business Associate ) and ( Client ) you, as a user of our on-line health record system (the "System"). BY

More information

DRAFT BUSINESS ASSOCIATES AGREEMENT

DRAFT BUSINESS ASSOCIATES AGREEMENT DRAFT BUSINESS ASSOCIATES AGREEMENT THIS AGREEMENT is made this day of, 20, by and among, a Corporation organized under the laws of the State of (hereinafter known as "Covered Entity") and organized under

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This BUSINESS ASSOCIATE AGREEMENT (the "Agreement") is entered into by and between the Board of Regents of the University of Wisconsin System on behalf of the [insert name

More information

FirstCarolinaCare Insurance Company Business Associate Agreement

FirstCarolinaCare Insurance Company Business Associate Agreement FirstCarolinaCare Insurance Company Business Associate Agreement THIS BUSINESS ASSOCIATE AGREEMENT ("Agreement"), is made and entered into as of, 20 (the "Effective Date") between FirstCarolinaCare Insurance

More information

Business Associate and Data Use Agreement

Business Associate and Data Use Agreement Business Associate and Data Use Agreement This Business Associate and Data Use Agreement (the Agreement ) is entered into by and between ( Covered Entity ) and HealtHIE Nevada ( Business Associate ). W

More information

Business Associate Contract

Business Associate Contract Business Associate Contract THIS CONTRACT is made and entered into by and between Imagine! (hereinafter called Contractor ), a not-for-profit Community Centered Board, duly incorporated and existing under

More information

University Healthcare Physicians Compliance and Privacy Policy

University Healthcare Physicians Compliance and Privacy Policy Page 1 of 11 POLICY University Healthcare Physicians (UHP) will enter into business associate agreements in compliance with the provisions of the Health Insurance Portability and Accountability Act of

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Agreement, dated as of, 2015 ("Agreement"), by and between, on its own behalf and on behalf of all entities controlling, under common control with or controlled

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Business Associate Agreement (the Agreement ) is made by and between Business Associate, [Name of Business Associate], and Covered Entity, The Connecticut Center for Health,

More information

Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement

Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement You may be aware that the Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) requires health plans

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Agreement is entered into as of ("Effective Date"), between ( Covered Entity ), and ( Business Associate ). RECITALS WHEREAS, Business Associate provides services on behalf

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (this Agreement ) is made effective as of ( Effective Date ) by and between Sentara Health Plans, Inc. ( Covered Entity ) and ( Business Associate

More information

BUSINESS ASSOCIATE AGREEMENT WITH TRANSFUSION FACILITIES

BUSINESS ASSOCIATE AGREEMENT WITH TRANSFUSION FACILITIES 1 BUSINESS ASSOCIATE AGREEMENT WITH TRANSFUSION FACILITIES This BUSINESS ASSOCIATE AGREEMENT (this Agreement ) is entered into as of the date first written in the signature block below (the Effective Date

More information

COVERMYMEDS BUSINESS ASSOCIATE AGREEMENT

COVERMYMEDS BUSINESS ASSOCIATE AGREEMENT COVERMYMEDS BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (the Agreement ) is entered into between Covered Entity and CoverMyMeds LLC, a Delaware limited liability company ( Business Associate

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

BUSINESS ASSOCIATE AGREEMENT ( BAA )

BUSINESS ASSOCIATE AGREEMENT ( BAA ) BUSINESS ASSOCIATE AGREEMENT ( BAA ) Pursuant to the terms and conditions specified in Exhibit B of the Agreement (as defined in Section 1.1 below) between EMC (as defined in the Agreement) and Subcontractor

More information

HIPAA Business Associate Addendum

HIPAA Business Associate Addendum HIPAA Business Associate Addendum THIS HIPAA BUSINESS ASSOCIATE ADDENDUM (this Addendum ) is by and between ( Covered Entity ) and TALKSOFT CORPORATION ( Business Associate ) (hereinafter, Covered Entity

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ), entered into and effective this day of,, is by and between ( Business Associate ) and Black, Gould & Associates, Inc.

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is by and between ( Covered Entity ) and Xelex Digital, LLC ( Business Associate ), and is effective as of. WHEREAS,

More information

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement This (hereinafter referred to as Addendum ) by and between Athens Area Health Plan Select, Inc. (hereinafter referred to as HPS ) a Covered Entity under HIPAA, and INSERT ORG NAME (hereinafter referred

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is effective as of, 200 ( Effective Date ), and entered into by and between, whose address is ( Business Associate ) and THE

More information

BUSINESS ASSOCIATE ADDENDUM. WHEREAS, Provider (as defined below) has a contractual relationship with FHCCP requiring this Addendum;

BUSINESS ASSOCIATE ADDENDUM. WHEREAS, Provider (as defined below) has a contractual relationship with FHCCP requiring this Addendum; BUSINESS ASSOCIATE ADDENDUM This BUSINESS ASSOCIATE ADDENDUM (this Addendum ) is made and entered into as of July 1, 2012, ( Effective Date ) and supplements and is made a part of the services agreement

More information

VERSION DATED AUGUST 2013/TEXAS AND CALIFORNIA

VERSION DATED AUGUST 2013/TEXAS AND CALIFORNIA VERSION DATED AUGUST 2013/TEXAS AND CALIFORNIA This Business Associate Addendum ("Addendum") supplements and is made a part of the service contract(s) ("Contract") by and between St. Joseph Health System

More information

ACTION COLLECTION SERVICES INC. BUSINESS ASSOCIATE AGREEMENT (FOR MEDICAL PROVIDERS)

ACTION COLLECTION SERVICES INC. BUSINESS ASSOCIATE AGREEMENT (FOR MEDICAL PROVIDERS) ACTION COLLECTION SERVICES INC. BUSINESS ASSOCIATE AGREEMENT (FOR MEDICAL PROVIDERS) THIS BUSINESS ASSOCIATE AGREEMENT (the Agreement ), is dated as of, by and between Action Collection Services Inc. (

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT 1. The terms and conditions of this document entitled Business Associate Agreement ( Business Associate Agreement ), shall be attached to and incorporated by reference in the

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is between you, a healthcare provider, its employees and agents ( Covered Entity ) and Doc Halo, LLC ( Business Associate ).

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BA Agreement ) is entered into by Medtep Inc., a Delaware corporation ( Business Associate ) and the covered entity ( Covered Entity

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT Note: This form is not meant to encompass all the various ways in which any particular facility may use health information and should be specifically tailored to your organization. In addition, as with

More information

HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions

HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions A. Business Associate. Business Associate shall have the meaning given to such term under the Privacy and Security Rules, including,

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT Express Scripts, Inc. and one or more of its subsidiaries ( ESI ), and Sponsor or one of its affiliates ( Sponsor ), are parties to an agreement ( PBM Agreement ) whereby ESI

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into as of ( Effective Date ) by and between ( Covered Entity ) and American Academy of Sleep Medicine ( Business Associate

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( the Agreement ) is entered into this day of, 20 by and between the Tennessee Chapter of the American Academy of Pediatrics ( Business Associate

More information

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( BAA ) is by and between the National Association of Boards of Pharmacy

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) is entered into by and between (the Covered Entity ), and Iowa State Association of Counties (the Business Associate ). RECITALS

More information

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS HSHS BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement, ( Agreement ) is entered into on the date(s) set forth below by and between Hospital Sisters Health System on its own behalf and

More information

Sample Business Associate Agreement (4. Other Bus. Assoc., Version 6-06-05)

Sample Business Associate Agreement (4. Other Bus. Assoc., Version 6-06-05) Sample Business Associate Agreement (4. Other Bus. Assoc., Version 6-06-05) This Business Associate Agreement (the Agreement ) is entered into as of, 20, (the Effective Date ) by and between, (the Covered

More information

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) TERMS AND CONDITIONS FOR BUSINESS ASSOCIATES I. Overview / Definitions The Health Insurance Portability and Accountability Act is a federal law

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is entered between ("Covered Entity" or "CE") and, ("Business Associate" or "BA"), collectively the Parties, who agree as follows:

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Business Associate Contract (Agreement) is entered into by and between, as a Covered Entity as defined in relevant federal and state law, and HMS Agency, Inc., as their

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred

More information

H I P AA B U S I N E S S AS S O C I ATE AGREEMENT

H I P AA B U S I N E S S AS S O C I ATE AGREEMENT H I P AA B U S I N E S S AS S O C I ATE AGREEMENT This HIPAA BUSINESS ASSOCIATE AGREEMENT (the BAA ) is entered into by and between Opticare of Utah, Inc. ( Covered Entity ), and,( Business Associate ).

More information

CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT

CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (Agreement) is made this day of, 20, between the Catholic Social Services ( CSS ), whose business address is 3710

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is effective as of, 2013, and is by and between SOUTHWEST DEVELOPMENTAL SERVICES, INC. ( Covered Entity ) and ( Business Associate

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Addendum is made part of the agreement between Boston Medical Center ("Covered Entity ) and ( Business Associate"), dated [the Underlying Agreement ]. In connection with

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (hereinafter Agreement ) is between COVERED ENTITY NAME (hereinafter Covered Entity ) and BUSINESS ASSOCIATE NAME (hereinafter Business

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Agreement ( Agreement ) is made and entered into this day of [Month], [Year] by and between [Business Name] ( Covered Entity ), [Type of Entity], whose business address

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( BA Agreement ) amends, supplements, and is made a part of the Agreement ( Agreement ) entered with Client ( CLIENT ) and International

More information

SaaS. Business Associate Agreement

SaaS. Business Associate Agreement SaaS Business Associate Agreement This Business Associate Agreement ( BA Agreement ) becomes effective pursuant to the terms of Section 5 of the End User Service Agreement ( EUSA ) between Customer ( Covered

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) between Inphonite, LLC ( Business Associate and you, as our Customer ( Covered Entity ) (each individually, a Party, and collectively,

More information

BUSINESS ASSOCIATE AND DATA USE AGREEMENT NAME OF COVERED ENTITY: COVERED ENTITY FEIN/TAX ID: COVERED ENTITY ADDRESS:

BUSINESS ASSOCIATE AND DATA USE AGREEMENT NAME OF COVERED ENTITY: COVERED ENTITY FEIN/TAX ID: COVERED ENTITY ADDRESS: BUSINESS ASSOCIATE AND DATA USE AGREEMENT NAME OF COVERED ENTITY: COVERED ENTITY FEIN/TAX ID: COVERED ENTITY ADDRESS:, City State Zip This Business Associate and Data Use Agreement ( Agreement ) is effective

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) by and between Drexel University ( Hybrid Entity ), with a principal address at 3141 Chestnut Street, Philadelphia, PA 19104,

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is effective ( Effective Date ) by and between ( Covered Entity ) and Egnyte, Inc. ( Egnyte or Business Associate ). RECITALS

More information

MMA SAMPLE FORM *REVIEW CAREFULLY & ADAPT TO YOUR PRACTICE*

MMA SAMPLE FORM *REVIEW CAREFULLY & ADAPT TO YOUR PRACTICE* This is only sample language. The language should be changed to accurately reflect business arrangements between a covered entity and business associate or business associate and subcontractor. In addition,

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is entered into by and between Professional Office Services, Inc., with principal place of business at PO Box 450, Waterloo,

More information

BUSINESS ASSOCIATE ADDENDUM

BUSINESS ASSOCIATE ADDENDUM BUSINESS ASSOCIATE ADDENDUM This BA Agreement, effective as of the effective date of the Terms of Use, adds to and is made part of the Terms of Use by and between Business Associate and Covered Entity.

More information

HIPAA Data Use Agreement Policy R&G Template Updated for Omnibus Rule HIPAA DATE USE AGREEMENT 1

HIPAA Data Use Agreement Policy R&G Template Updated for Omnibus Rule HIPAA DATE USE AGREEMENT 1 HIPAA DATE USE AGREEMENT 1 This Data Use Agreement (the "Agreement") is effective as of (the "Agreement Effective Date") by and between ("Covered Entity") and ("Data User"). RECITALS WHEREAS, Covered Entity

More information

Business Associate Agreement Involving the Access to Protected Health Information

Business Associate Agreement Involving the Access to Protected Health Information School/Unit: Rowan University School of Osteopathic Medicine Vendor: Business Associate Agreement Involving the Access to Protected Health Information This Business Associate Agreement ( BAA ) is entered

More information

BUSINESS ASSOCIATE AGREEMENT. Business Associate. Business Associate shall mean.

BUSINESS ASSOCIATE AGREEMENT. Business Associate. Business Associate shall mean. BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement is made as of the day of, 2010, by and between Methodist Lebonheur Healthcare, on behalf of itself and all of its affiliates ( Covered Entity

More information

Infinedi HIPAA Business Associate Agreement RECITALS SAMPLE

Infinedi HIPAA Business Associate Agreement RECITALS SAMPLE Infinedi HIPAA Business Associate Agreement This Business Associate Agreement ( Agreement ) is entered into this day of, 20 between ( Company ) and Infinedi, LLC, a Limited Liability Corporation, ( Contractor

More information

Snake River School District No. 52 HIPAA BUSINESS ASSOCIATE AGREEMENT (See also Policy No. 7436, HIPAA Privacy Rule)

Snake River School District No. 52 HIPAA BUSINESS ASSOCIATE AGREEMENT (See also Policy No. 7436, HIPAA Privacy Rule) 5450F1 (page 1 of 6) Snake River School District No. 52 HIPAA BUSINESS ASSOCIATE AGREEMENT (See also Policy No. 7436, HIPAA Privacy Rule) THIS AGREEMENT is entered into on this day of, 20 by and between

More information

HIPAA Privacy and Business Associate Agreement

HIPAA Privacy and Business Associate Agreement HR 2011-07 ATTACHMENT D HIPAA Privacy and Business Associate Agreement This Agreement is entered into this day of,, between [Employer] ( Employer ), acting on behalf of [Name of covered entity/plan(s)

More information

Louisiana State University System

Louisiana State University System PM-36: Attachment 4 Business Associate Contract Addendum On this day of, 20, the undersigned, [Name of Covered Entity] ("Covered Entity") and [Name of Business Associate] ("Business Associate") have entered

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is entered into as of the day of, 2013 by and between RUTGERS UNIVERSITY, a Hybrid Entity, on behalf and for the

More information

HIPAA Business Associate Agreement

HIPAA Business Associate Agreement HIPAA Business Associate Agreement This HIPAA Business Associate Agreement ( BAA ), effective as of, ( Effective Date ), is made by and between ( Covered Entity ) and da Vinci Motion Graphics, Inc. d/b/a

More information

APPENDIX I: STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT (2012 Version)

APPENDIX I: STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT (2012 Version) APPENDIX I: STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT (2012 Version) THIS AGREEMENT is entered into and made effective the day of, 2012 (the Effective Date ), by and between (a)

More information

SAMPLE BUSINESS ASSOCIATE AGREEMENT

SAMPLE BUSINESS ASSOCIATE AGREEMENT SAMPLE BUSINESS ASSOCIATE AGREEMENT THIS AGREEMENT IS TO BE USED ONLY AS A SAMPLE IN DEVELOPING YOUR OWN BUSINESS ASSOCIATE AGREEMENT. ANYONE USING THIS DOCUMENT AS GUIDANCE SHOULD DO SO ONLY IN CONSULT

More information

FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT

FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is made and entered into to be effective as of, 20 (the Effective Date ), by and between ( Covered Entity ) and

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT 1. DEFINITIONS: 1.1 Undefined Terms: Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms defined by the Health Insurance Portability

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (this Agreement ) is made effective as of the day of 2014 (the Effective Date ), by and between Sarasota County Public Hospital District,

More information

STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT

STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT STANDARD FORM BUSINESS ASSOCIATE CONTRACT AND DATA USE AGREEMENT THIS AGREEMENT is entered into and made effective the day of, 2014 (the Effective Date ), by and between (a) GI Quality Improvement Consortuim,

More information

BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM

BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM This HIPAA Addendum ("Addendum") is entered into effective this first day of November 1, 2015, by and between "Business Associate" AND COUNTY OF OTTAWA Ottawa County

More information

Preferred Professional Insurance Company Subcontractor Business Associate Agreement

Preferred Professional Insurance Company Subcontractor Business Associate Agreement Preferred Professional Insurance Company Subcontractor Business Associate Agreement THIS SUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT ( Agreement ) amends and is made a part of all Services Agreements (as

More information

HIPAA Compliance And Participation in the National Oncologic Pet Registry Project

HIPAA Compliance And Participation in the National Oncologic Pet Registry Project HIPAA Compliance And Participation in the National Oncologic Pet Registry Project Your facility has indicated its willingness to participate in the National Oncologic PET Registry Project (NOPR) sponsored

More information

A How-To Guide for Updating HIPAA Policies & Procedures to Align with ARRA Health Care Provider Edition Version 1

A How-To Guide for Updating HIPAA Policies & Procedures to Align with ARRA Health Care Provider Edition Version 1 A How-To Guide for Updating HIPAA Policies & Procedures to Align with ARRA Health Care Provider Edition Version 1 Policy and Procedure Templates Reflects modifications published in the Federal Register

More information

HIPAA BUSINESS ASSOCIATES CONTRACT FOR EYE CARE PROVIDERS 1 ST ADDENDUM

HIPAA BUSINESS ASSOCIATES CONTRACT FOR EYE CARE PROVIDERS 1 ST ADDENDUM HIPAA BUSINESS ASSOCIATES CONTRACT FOR EYE CARE PROVIDERS 1 ST ADDENDUM The HIPAA BUSINESS ASSOCIATES CONTRACT FOR EYE CARE PROVIDERS ( Original Agreement ) was made available on the Visionweb website

More information