A Business Associate Agreement (BAA), is a written arrangement that specifies each party’s responsibilities when it comes to PHI.
The HIPAA Privacy Rule requires all covered entities (CEs) to have a signed BAA with any Business Associate (BA) they hire that may come in contact with PHI.
According to HHS, a BAA must include the following information:
- Description of the permitted and required use of PHI by the BA.
- Provide specific requirements regarding how and when the BA will not use or further disclose PHI.
- Outline requirements for the BA to use appropriate safeguards to prevent inappropriate PHI use or disclosure.
This checklist will guide you through the process of creating and implementing a BAA.
As a covered entity, you will need to work in tandem with the BA to complete the agreement. This need for collaboration has been taken into account as the approval tasks require approval from both the CE and BA.
This means that you can efficiently move through the process knowing that there will not be any disagreements or disruptions when it comes time to confirm and implement the agreement.
Let's get started!
A little info about Process Street
Process Street is superpowered checklists. By using our software to document your processes, you are instantly creating an actionable workflow in which tasks can be assigned to team members, automated, and monitored in real-time to ensure they are being executed as intended, each and every time.
The point is to minimize human error, increase accountability, and provide employees with all of the tools and information necessary to complete their tasks as effectively as possible.