HIPAA business associate

As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health Information (PHI) or Personal Health Records (PHR).

Examples of business associates include accounting or consulting firms that work with covered entities, such as hospitals or doctors, or any number of other organizations that have or could have access to PHI or PHR.

Updates made to the HIPAA regulation by the HITECH Act require business associates to comply with HIPAA mandates regarding the handling and use of PHI. As of February 18, 2010, the Department of Health and Human Services can audit business associates for HIPAA compliance.

This was last updated in June 2010

Continue Reading About HIPAA business associate

Dig Deeper on HIPAA



Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Does a hospital have privacy under HIPPA when a patient files a grievance through his insurance company. Second, does the patient have the right to be notified of the information uncovered by the insurance company?


File Extensions and File Formats

Powered by: