BUSINESS ASSOCIATE AGREEMENT
This Business Associate Agreement (“Agreement”), effective [ ] (“Effective
Date”), is entered into by and between [ ] (the “Business Associate”) and
{Company name} (the “Covered Entity”) (each a “Party” and collectively the “Parties”).
The Parties have entered into an agreement [name of underlying agreement] (the “Underlying
Agreement”) pursuant to which Business Associate is providing [describe the services the
contractor is providing] (“Services”) to the Covered Entity that require the disclosure and use of
Protected Health Information. Both Parties are committed to complying with the Privacy Rule and
the Security Rule promulgated pursuant to the Health Insurance Portability and Accountability Act
of 1996 (“HIPAA”).
This Agreement sets forth the terms and conditions pursuant to which Protected Health
Information that is created or received by and/or maintained by the Business Associate from or on
behalf of the Covered Entity, will be handled between the Business Associate and the Covered
Entity and with third parties during the term of the Underlying Agreement and after its
termination. All capitalized terms in this Agreement that are used as defined terms herein have
the meanings ascribed to them in Section 1 below, unless otherwise noted or the context clearly
requires otherwise. The Parties agree as follows:
1. DEFINITIONS
1.1 Administrative Safeguards. “Administrative Safeguards” has the same meaning as the
term “administrative safeguards” in 45 C.F.R. § 164.304, as such provision is currently drafted
and as it is subsequently updated, amended or revised.
1.2 Breach. “Breach” has the same meaning as the term “breach” in 45 C.F.R. § 164.402, as
such provision is currently drafted and as it is subsequently updated, amended or revised.
1.3 Breach of System Security. “Breach of System Security” means unauthorized acquisition
of computerized data, limited to the information created, received, maintained, and/or transmitted by
Business Associate from or on behalf of Covered Entity, that compromises the security,
confidentiality, or integrity of Sensitive Personal Information maintained by a person, including
data that is encrypted if the person accessing the data has the key required to decrypt the data.
1.4 Designated Record Set. “Designated Record Set” has the same meaning as the term
“designated record set” in 45 C.F.R. § 164.501, as such provision is currently drafted and as it is
subsequently updated, amended or revised.
1.5 Electronic Protected Health Information. “Electronic Protected Health Information” has
the same meaning as the term “electronic protected health information” in 45 C.F.R. § 160.103,
but limited to the information created, received, maintained, and/or transmitted by Business
Associate from or on behalf of Covered Entity, as such provision is currently drafted and as it is
subsequently updated, amended or revised.
1.6 Health Care Operations. “Health Care Operations” has the same meaning as the term