Free HIPAA Business Associate Agreement Template 2018

Posted on

Understanding the HIPAA Business Associate Agreement (BAA)

A BAA is a legally binding contract that outlines the responsibilities of a business associate (BA) in handling protected health information (PHI). It ensures that the BA will protect the confidentiality, integrity, and availability of PHI.

HIPAA Business Associate Agreement -  Update
HIPAA Business Associate Agreement – Update

Key Elements of a HIPAA BAA

1. Parties to the Agreement: Clearly identify the covered entity (CE) and the BA.
2. Scope of Work: Define the specific services the BA will provide and the PHI they will handle.
3. Permitted Uses and Disclosures: Specify the authorized uses and disclosures of PHI.
4. Safeguards: Outline the security measures the BA will implement to protect PHI.
5. Term and Termination: Establish the duration of the agreement and the conditions for termination.
6. Subcontractors: Address the use of subcontractors and their obligations.
7. Audit and Inspection: Grant the CE the right to audit the BA’s compliance with HIPAA.
8. Notification of Breaches: Require the BA to notify the CE of any PHI breaches.
9. Dispute Resolution: Specify the process for resolving disputes.
10. Governing Law: Indicate the applicable law.

Design Elements for a Professional BAA Template

1. Clear and Concise Language: Use plain language that is easy to understand. Avoid legal jargon.
2. Consistent Formatting: Maintain consistent formatting throughout the document, including font, size, and spacing.
3. Headings and Subheadings: Use headings and subheadings to organize the content and make it easier to navigate.
4. Bullet Points: Use bullet points to list items or key points.
5. White Space: Incorporate white space to improve readability and make the document visually appealing.
6. Professional Logo: Include the logos of both the CE and the BA.
7. Contact Information: Provide contact information for both parties.
8. Date and Signatures: Ensure that the document is dated and signed by authorized representatives of both parties.

See also  Freelance Writer Agreement Template

Example Sections and Subsections

1. Parties to the Agreement

Covered Entity: [Name of Covered Entity]

  • Business Associate: [Name of Business Associate]

  • 2. Scope of Work

    Services Provided: [List of services]

  • PHI to Be Handled: [Description of PHI]

  • 3. Permitted Uses and Disclosures

    Authorized Uses: [List of authorized uses]

  • Authorized Disclosures: [List of authorized disclosures]

  • 4. Safeguards

    Administrative Safeguards: [List of administrative safeguards]

  • Physical Safeguards: [List of physical safeguards]
  • Technical Safeguards: [List of technical safeguards]

  • 5. Term and Termination

    Term: [Start date and end date]

  • Termination: [Conditions for termination]

  • 6. Subcontractors

  • Subcontractor Requirements: [Requirements for subcontractors]
  • 7. Audit and Inspection

  • Audit Rights: [Rights of the CE to audit the BA]
  • 8. Notification of Breaches

  • Breach Notification: [Requirements for notifying the CE of breaches]
  • 9. Dispute Resolution

  • Dispute Resolution Process: [Process for resolving disputes]
  • 10. Governing Law

  • Governing Law: [Applicable law]
  • Additional Considerations

    Customization: Tailor the BAA to the specific needs and circumstances of the CE and the BA.

  • Legal Review: Consult with an attorney to ensure that the BAA complies with HIPAA and applicable state laws.
  • Regular Updates: Review and update the BAA periodically to reflect changes in HIPAA regulations or the relationship between the CE and the BA.

  • By following these guidelines and design elements, you can create a professional and legally compliant HIPAA BAA template that effectively protects PHI and establishes a strong business relationship.