A „counterpart“ is a person or organization other than a staff member of a covered company that performs functions or activities on behalf of a covered entity or provides certain services to a classified entity that includes consideration access to protected health information. A „business partner“ is also a subcontractor that creates, receives, manages or transmits protected health information on behalf of another counterparty. HIPAA rules generally require covered companies and counterparties to enter into contracts with their trading partners to ensure that counterparties properly protect health information. The counterparty contract is also intended to clarify and, if necessary, limit the use and disclosure permitted by the counterparty of protected health information on the basis of the relationship between the parties and the activities or services of the counterparty. A counterparty may only use or disclose protected health information to the extent that its counterparty contract is authorized or required or required by law. A counterparty is directly responsible under HIPAA rules and is subject to civil and, in some cases, criminal penalties for the use and disclosure of protected health information that is not authorized by the treaty or prescribed by law. A trading partner is also directly responsible and is subject to civil penalties if it does not protect health information protected electronically in accordance with the HIPAA safety rule. b) Dismissal for cause. The consideration authorizes the termination of the agreement by a covered entity if the covered entity finds that a counterparty has violated an essential clause of the agreement [and that the counterparty has not cured or terminated the breach within the time allowed by the covered unit]. [Bracketed`s language may be added if the covered company wishes to give the counterparty the opportunity to remedy a violation or violation prior to dismissal on cause.] The Business Associate Agreement is required by HIPAA to grant a third party (3rd) („Business Associate“) access to protected health information (PHI) by a medical office („covered facility“). It outlines the rules under which personal medical records can be transmitted in accordance with federal law. After the authorization, the business partner is responsible for the protection of all protected health information shared with specific instructions in case of security violation.
It is strictly forbidden for the counterpart to sell or use health information prohibited for the subsystem. Words or phrases that are in parentheses are designed either as an optional language or as instructions for users of these rules. Considerations may help explain the relationship between BAA and the underlying agreements between the parties. Consider asking a lawyer to verify the accuracy of the recitals and all the underlying agreements. Protect your patients and your business with our free business associates models or simplify the process with our online builder. In August 2015, the HHS Office for Civil Rights (OCR) launched a compliance audit of the Centre for Children`s Health (CCDH) following an investigation by a business partner, FileFax, Inc., which recorded records containing protected health information (PHI) for the CCHR.
Comments are closed.