Business Associate Agreements
Business Associate Agreements are used to define and govern the relationship between two parties who are exchanging information and services. The Health Insurance Portability and Accountability Act of 1996, or HIPAA defines specific provisions related to Business Associate Agreements that must be executed if Protected Health Information (PHI) is created, accessed, disclosed, stored or otherwise used. The Health Information Technology for Economic and Clinical Health Act enacted under Title XIII of the American Recovery and Reinvestment Act of 2009 and the Omnibus Final Rule released in 2013 strengthened the privacy and security requirements related to Covered Entities and Business Associates.