HIPAA, the Health Insurance Portability and Accountability Act, is a complicated and comprehensive federal law designed to safeguard the privacy of our health records, or what’s called Protected Health Information (PHI).
One of those protections is the requirement that any company or organization doing business with a Covered Entity (a medical facility or social services agency, among others) must have a Business Associate Agreement (BAA) in place that acknowledges and spells out how confidentiality will be maintained.
Some Business Associate Agreements I’ve seen are lengthy, typed in 9-point font or less, and filled with so much legalese that the “whereases” and “heretofores” render the agreement almost impossible to read, even by those of us with decent educations, advanced degrees and experience with this stuff.
Although my clients are health professionals and know – and fully agree with – the litany, I hated the idea of asking them to sign off on a document that makes one’s eyes glaze over. (Strictly speaking, my clients, as the Covered Entities, are supposed to have me sign their BAAs, but I decided to just make it easier on everyone, and develop one for our use.)
That took some doing! As mentioned above, the examples I found online were not particularly user-friendly. However, with some research, I was able to find a decent version that I could adapt. It’s a good document to have in our mutual files, as yet another reminder of how important maintaining confidentiality is in protecting us all.
Do you have a signed BAA with your bookkeeper, your contracted IT guy, or anyone else who might have access to client info?
Don’t neglect or delay addressing this, for your own professional safety.
Contact Linda at 207 / 713.0674 (call or text) or by email at LSnyder@heritagehealthservices.org to discuss how she can help with practice management and back office operations so you can do the more important work of running your business, not being your business.