By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    UV damage to eyes
    Warning Signs of Long-Term UV Damage to Your Eyes
    December 9, 2021
    degree for healthcare job
    The Ultimate Healthcare Recruiting and Staffing Guidebook
    March 21, 2022
    medicare part d benefits
    Everything that You Need to Know About Medicare Part D
    August 15, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    Conservatives: The Utah Health Exchange is Not a Model
    July 23, 2011
    Medical Malpractice Reform Losing Physician Support
    November 7, 2011
    Hospitals Aim to Apply Direct Payments of Care Delivery to Increase Resources
    August 28, 2012
    Latest News
    Top HIPAA-Compliant Messaging Apps for Healthcare Teams
    June 25, 2025
    When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
    June 20, 2025
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
    Strengthening Healthcare Systems Through Clinical and Administrative Career Development
    June 13, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: HIPAA Hosting: What’s in a Business Associate Agreement?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Technology > HIPAA Hosting: What’s in a Business Associate Agreement?
Technology

HIPAA Hosting: What’s in a Business Associate Agreement?

onlinetech
Last updated: November 10, 2011 8:41 am
onlinetech
Share
3 Min Read
SHARE

You’re a covered entity (your company processes, stores or transfers any type of patient information), and you’re outsourcing your HIPAA hosting services to a third party (an IT vendor, a billing company, etc.).

But before you can do that, you need to sign a business associate agreement (BAA) with your business associate (BA), according to the HIPAA Privacy Rule. But what’s in a business associate agreement contract?

You’re a covered entity (your company processes, stores or transfers any type of patient information), and you’re outsourcing your HIPAA hosting services to a third party (an IT vendor, a billing company, etc.).

But before you can do that, you need to sign a business associate agreement (BAA) with your business associate (BA), according to the HIPAA Privacy Rule. But what’s in a business associate agreement contract?

More Read

Red Tape and Telehealth for Cost Savings
Now Your iPhone Can Take Your Pulse
Top 10 Quotes From Harvard’s First Forum On Healthcare Innovation
How Technology Will Improve the Future for Rare Diseases
BioPharma Beat: Imagination Is More Important Than Innovation

The U.S. Department of Health and Human Resources (HHS) has a sample business associate contract available on its site listing all the provisions for those that are curious.

While this shouldn’t be copied precisely and is more of a guide than a complete document, it does offer insight into the general terms that a BAA should address, with the addition of customized provisions specific to certain companies’ needs. A summary of the primary provisions include:

  • Obligations and Activities of Business Associate
    • No use or disclosure of protected health information (PHI) unless it’s permitted or required by law.
    • Must use proper safeguards to prevent use or disclosure of PHI.
    • Mitigation in the event of a data breach.
    • Must report any use or disclosure of PHI.
    • Ensures others (subcontractors) agree to the same BAA.
    • Allows CE access PHI.
    • Must create documented HIPAA policies and procedures.
    • Document any PHI disclosures.
  • Permitted Users and Disclosures by Business Associate
    • Specifies when BA can use or disclose PHI on behalf of the CE.
  • Specific Use and Disclosure Provisions (if applicable)
    • When or why a BA would disclose or use any PHI, to report law violations, with CE permission, or to provide any kind of data aggregation reports to the CE).
  • Obligations of Covered Entity
    • The CE will notify the BA of any changes in permission (including restrictions or revocation) of the individual to use or disclose PHI.
  • Permissible Requests by Covered Entity
    • Terms and effective dates
    • How PHI will be handled after termination (returned or destroyed)
    • Reasons for termination

If you’re a covered entity, protect your company and your patients/clients by signing a thorough BAA. As a best practice recommended for HIPAA compliance, it will only strengthen your ability to pass a HIPAA audit, should the auditors come to your door.

Have other questions about compliance and BAAs? Read our HIPAA FAQ to find answers about BAs, hosting and agreements. Source: Business Associate Contracts

TAGGED:business associate agreementhipaa business associatesHIPAA complianceHIPAA compliant hostingHIPAA hosting
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

women dental care
What Is a Smile Makeover and How Much Does It Cost?
Dental health
June 30, 2025
HIPAA-Compliant Messaging Apps
Top HIPAA-Compliant Messaging Apps for Healthcare Teams
Global Healthcare Policy & Law Technology
June 25, 2025
recovering from injury
Rebuilding After Injury: Path to Physical and Emotional Recovery
News
June 22, 2025
scientist using microscope
When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
Global Healthcare
June 18, 2025

You Might also Like

Hormone Therapy for Traumatic Brain Injuries

September 8, 2013

Medical Megatrends Stem Cells – Part III

August 29, 2012

23andWho?

February 1, 2014
hospital technologies
Hospital AdministrationTechnology

Amazing Hospital Technologies that Improve Patient Care in 2025

December 27, 2024
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?