Tips for Negotiating Business Associate Agreements with Health IT Vendors

Jordan A. Stivers, Bradley Arant Boult Cummings LLP, Nashville, TN

When healthcare providers contract with health IT vendors for products and services such as an electronic health records (EHR) system, cloud hosting services, or connected devices, the vendor will most likely become the provider’s “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).1 HIPAA requires covered entities and business associates to enter into a business associate agreement (BAA) that outlines the responsibilities of each party to ensure that patients’ protected health information (PHI) is secure.2

Premium Content For:
  • Health Law Section
    • ABA Health eSource
Join - Now