top of page

Business Associate (BA) Agreement - HIPAA Requirements

Updated: Jul 10, 2023

Dear Healthcare Businesses,

It is imperative that any outside consultant you use for your business has the proper corporate structure, legal team backing them, is properly insured, and has these agreements in place with your business as per the law.

Read more, you'll thank us later ;)

What is a Business Associate (BA) Agreement?

It is a written plan that specifies each party's responsibilities in relation to PHI (Protected Health Information).

According to HIPAA, covered entities are required to work with Business Associate ONLY to have a complete protection of PHI.

In order to meet the requirements and have a PHI full protection, an organization must have a BAA for all three levels (covered entities, business associate, and business associate subcontractor) and guarantee a PHI full protection

The Business Associate/Subcontractor Agreement must include the following information, according to HHS:

  • Describe the permitted and required PHI uses by the Business Associate/Subcontractor

  • Provide that the Business Associate/Subcontractor will not use or further disclose PHI other than as permitted or required by the contract or as required by law;

  • Require the Business Associate/Subcontractor to use appropriate safeguards to prevent inappropriate PHI use or disclosure.

Emmauel Consulting Agency Inc is a consulting firm that is ready to handle your most delicate company matters all while protecting your company's, patients', and staff's personal information. We provide mock auditing services, monthly compliance checks, plan of correction implementation and more! We take privacy seriously with our secured domains and internal compliance policy.


"Business Associate Agreement: Everything Explained". 2.1.2021.

If you have any questions, do not hesitate to contact Emmanuel Consulting Agency.

8 views0 comments


bottom of page