Business Agreement Hipaa
[ii] U.S. Department of Health — Human Services (HHS.gov, Health Information Privacy). Available under www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/ccdh/index.html What is a Business Associate?» «counterparty»: a person or organization that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered company or that provide services to a covered business; An insured company staff member is not a business partner. A covered health care provider, health plan or health care clearinghouse may be a counterpart to another insured company. The data protection rule lists some of the functions or activities and related services that make an individual or organization a business partner when the activity or service involves the use or disclosure of protected health information. The types of functions or activities that can make an individual or organization a counterpart include payment or health transactions, as well as other functions or activities governed by administrative simplification rules. If this agreement is terminated for any reason, counterparties, with respect to protected health information received by companies covered, or created, maintained or received by counterparties on behalf of the insured company, is: the counterparty contract is a contract that defines the types of protected health information (PHI) made available to the counterparty, the authorized uses and disclosures of PHI, the measures to be implemented to protect this information (e.g. B encryption at rest and during transit), and the measures that the BA must take in the event of a security breach, the PHI. A «counterpart» is a person or organization other than a staff member of a covered company that performs functions or activities on behalf of a covered entity or provides certain services to a classified entity that includes consideration access to protected health information. A «business partner» is also a subcontractor that creates, receives, manages or transmits protected health information on behalf of another counterparty. HIPAA rules generally require covered companies and counterparties to enter into contracts with their trading partners to ensure that counterparties properly protect health information.