But understanding what a good BAA should and shouldn't include isn't as intuitive as understanding that you need it at all.

General provision. The confidentiality rule requires that a covered entity receive satisfactory assurances from its business partner that the business partner is adequately protecting the protected health information it receives or creates on behalf of the covered entity. Satisfactory assurances must be given in writing, whether in the form of a contract or other agreement between the targeted entity and the business partner.

