Business Associate Checklist
According to HHS; a Business Associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information (PHI) on behalf of, or provides services to a covered entity.
Common examples of business associate relationships include claims processing, billing, data analysis, data processing, practice management, UR, QA, benefit management, claims re-pricing, legal, actuarial, accounting, consulting, management, technical support, administrative, and accreditation. A business associate is obligated not to use or further disclose Protected Health Information (PHI) other than as permitted or required by the BA agreement or as Required By Law.
The business associate must sign the organization's BA agreement prior to performing any services which obtains satisfactory written assurance that the business associate will appropriately maintain the privacy and security of the PHI and fulfill HIPAA business associate obligations.
To determine a business associate please refer to our Business Associate Checklist.
This checklist is provided for information purposes only and does not constitute legal advice. Loricca recommends reviewing the status of your vendors with your legal counsel to determine their status.