However, if the covered entity has performed its due diligence prior to the conclusion of an agreement, these situations are rare. Assuming that the covered company is diligent, it is unlikely that the covered business will be guilty if a supplier violates the BAA and in any way violates HIPAA. If the creditor signs the document, he assumes responsibility for safeguarding the PHI. From award-winning HIPAA training to contracts and agreements, we can meet your requirements so that you have protected your business. If you hire a contractor and process PHI that goes through your business first, you must sign a BAA with that contractor. Your business partners must then sign HIPAA contract forms with their business partners. BAAs both respect HIPAA rules and create a relationship of responsibility between the two parties. If one party violates a BAA and reveals the PHI, it has the other legal status. If there is no BAA or incomplete, or if the agreement is ruthlessly violated, both employees may find themselves in the crosshairs of the Department of Health Services and Human Resources, the Civil Rights Office and perhaps even the Department of Justice.
But let`s be honest… It is difficult, if not impossible, to run a business without the help of third parties. Hiring outside help when you need extra hands or if you have special needs is often made sense by business. A business partner should also be drawn to the consequences of non-compliance with HIPAA requirements. The counterparties may be directly sanctioned by the authorities for the supervision of hip-hop offences. Contractors who work exclusively for your business, individuals with other customers, and employees hired through a company are not business partners. However, your company is liable if one of these people violates the PHI. If you hire a subcontractor and the contractor comes into contact with a PHI, you must execute a BAA between the two of you. The data protection rule stipulates that all counterparty contractors must consent to restrictions identical to those of the original counterparty. Don`t just take headaches into account, you also think about what you promise your customers.
Do you assure them that the sensitive information they give you will be protected? Direct employees do not need to sign a BAA. This is because the people who work for you are part of your organization and are not considered business partners.