Business Associates

From Clinfowiki
Jump to: navigation, search

Business Associates, as they relate to the HIPAA Privacy Rule , are entities that have business dealings with covered entities under HIPAA, but they themselves are not covered entities. Essentially, business associates, are bound, in writing, to safeguard patient information much in the same way that covered entities are. An example of a business associate is a company that stores medical records off site for a hospital. The storage organization is responsible for ensuring that records are still kept private and confidential and should be safeguarded against loss and/or damage, much in the same way that the hospital is responsible for the safe keeping of patient records. [1]

References

  1. U.S. Department of Health and Human Services: Health Information Privacy (Business Associates) http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/businessassociates.html