The Business Associate Agreement and HIPAA/HITECH rules require your practice to sign a contract with business associates that ensures that they will protect any patient's PHI you provide to them in the same manner as you are required under the rule.
There are several HIPAA and HITECH requirements concerning business associate contracts. Attention should be paid to the use of contracts for business associates on the subject of Internet hosted or non-hosted practice management/EHR applications. This is important because of the HITECH Act’s requirements for the promotion of health information technology.
Here are some basic rules for identifying business associates with whom you must contract:
Click below if you are interested in our HIPAA Compliance Program and would like to download a sample of MedSafe's Business Assocate List.