Purpose

The purpose of this Agreement is to satisfy the obligations of UTHSC and Contractors under HIPAA, and to ensure the integrity, confidentiality, privacy and security of UTHSC’s PHI.

Scope

Under the Privacy Rules, PHI cannot be disclosed to business associates without having in place a written contract that includes specific privacy protections. Business Associate Agreements (BAA) are critical to safeguarding PHI when used or disclosed by service providers such as third party administrators, benefit consultants and attorneys – not otherwise covered by the privacy rules. UTHSC has developed a standard Business Associate Agreement that should be used in any newly established business associate relationship, new contracts or any contracts with existing relationships that are being renewed.

BAA Agreement

See HIPAA Procedure H141 BAA – UTHSC Standard Agreement.