Organizations considered by the Health Insurance Portability and Accountability Act (HIPAA) as a “covered entity” are required to establish Business Associate Agreements (BAA) with their associates and subcontractors. If your business categorizes as such, it would be good to know how to write a BAA agreement.

This article will help guide you through the basics of writing a BAA and its importance in contract management. Read on to know more about HIPAA BAA.

Table of Contents

How to Write a Business Associate Agreement

One thing you have to know about a BAA is that it is a legally binding agreement. This means that you have to be careful when preparing the document, and the best way to achieve this is by using a Business Associate Agreement Template.

Outlines on any Business Associate Agreement:

Basic information—Since this is a contract, the document will include the date the agreement was created, the full legal names of the parties involved, and the acceptance of the terms. It should also be signed and dated with the date the signature was affixed.
Acknowledgment—One of the first things included in the template outline is an acknowledgment of HIPAA and why it is relevant to both parties’ business relationships. It is best to be as clear and direct as possible.
Nature of the PHI – The PHI accessed by the business associate and its subcontractors is outlined clearly.
Permissible VS impermissible – The PHI’s permissible and impermissible uses are clearly defined and established in the relevant case law, legislation, and rules.
Liability and consequences—Since the US Department of Health and Human Services (HHS) can audit business associates and their subcontractors at any time, the language included in the BAA will hold either party responsible for a breach. Otherwise, you may get in serious trouble for violating HIPAA.
Protocol for employee HIPAA training—Establish a protocol for HIPAA training among both parties’ employees. This will safeguard your PHI.
Procedure in the event of a data breach—The procedures to be taken in case of a data breach are clearly outlined. Identify the steps you will need to take to mitigate the harm malicious third parties may cause.
Procedure for returning or destroying PHI – The agreement will also include information on how both parties should return and destroy PHI when required.

When trying to draft a HIPAA BAA agreement, always keep an eye on the regulations and rules of HIPAA. This is a good way to ensure that you have covered everything.

Download the Free Business Associate Agreement

Here is a preview of a Business Associate Agreement Template. You can use this document for free on Fill. All contents are premade and fully compliant with the latest HIPAA standards.

Feel free to edit to fit your business or practice and conveniently share with all parties for quick and easy signing.

Business Associate Agreement (BAA)

USE THIS FREE TEMPLATE

Use Fill To Create a Business Associate Agreement

When creating a Business Associate Agreement, it’s best to either seek help from a seasoned professional or start with a template. If you are using a BAA template, you need to make sure that it is up to date with the BAA checklist.

Fill regularly updates its templates to ensure our account holders are always up-to-date with the policies.

You can register for a free account to use the template and personalize it to your needs.