Hipaa Business Associate Agreement Page 2
ADVERTISEMENT
1
2
3
4
5HIPAA BUSINESS ASSOCIATE AGREEMENT
This HIPAA Business Associate Agreement (“Agreement”) is entered into on the last date of signature
below
by
and
between
CompBenefits
Corporation
and/or
its
subsidiaries
(“CompBenefits”)
and
Business Associate named below (“Business Associate”).
RECITALS
A.
CompBenefits wishes to disclose certain information to Business Associate, some of which may
constitute Protected Health Information (“PHI”) (defined below).
B.
CompBenefits and Business Associate intend to protect the privacy and provide for the security of
PHI disclosed to Business Associate in compliance with the Health Insurance Portability and
Accountability Act of 1996, Public Law 104-191 (“HIPAA”) and regulations promulgated
thereunder by the U.S. Department of Health and Human Services (the “HIPAA Regulations”), as
may be amended or otherwise changed from time to time, and other applicable laws.
C.
The purpose of this Agreement is to satisfy certain standards and requirements of HIPAA and the
Privacy Rule (defined below), including, but not limited to, Title 45, Sections 164.502(e)
and 164.504(e) of the Code of Federal Regulations (“CFR”) and contained in this Agreement.
In consideration of the mutual promises below and the exchange of information pursuant to this Agreement, the
parties agree as follows:
1.
Definitions.
a.
“Designated Record Set” shall have the same meaning as the term “designated record set” in
45 CFR Section 164.501.
b.
“Individual” shall have the same meaning as the term “individual” in 45 CFR Section 164.501 and
shall include a person who qualifies as a personal representative in accordance with 45 CFR Section 164.502(g).
c.
“Privacy Rule” shall mean the Standards for Privacy of Individually Identifiable Health
Information at 45 CFR Part 160 and Part 164, Subparts A and E.
d.
“Protected Health Information” or “PHI” shall have the same meaning as the term “protected
health information” in 45 CFR Section 164.501, limited to the information created or received by Business
Associate from or on behalf of CompBenefits.
e.
“Required by Law” shall have the same meaning as the term “required by law” in 45 CFR Section
164.501.
f.
“Secretary” shall mean the Secretary of the Department of Health and Human Services or his
designee.
2.
Permitted Uses and Disclosures of PHI by Business Associate.
a.
General Use and Disclosure Provisions. Except as otherwise limited in this Agreement, Business
Associate may use or disclose PHI to perform functions, activities or services for, or on behalf of, CompBenefits
provided that such use or disclosure would not violate the Privacy Rule.
b.
Specific Use and Disclosure Provisions.
i. Except as otherwise limited in this Agreement or by law, Business Associate may use
PHI for the proper management and administration of Business Associate or to carry out
the legal responsibilities of Business Associate for those functions, activities, or services
performed for, or on behalf of, CompBenefits.
ii. Except as otherwise limited in this Agreement or by law, Business Associate may
disclose PHI for the proper management and administration of Business Associate,
provided that the disclosures are Required by Law, or Business Associate obtains
reasonable assurances in writing from the person to whom the information is disclosed
BizAssoc.HIPAA-Agreement
2
ADVERTISEMENT
0 votes
Related Articles
Related forms
Related Categories
Parent category: Business