Business Associate Agreement Research Purposes

Question 6: I am a researcher who has obtained a certificate of confidentiality for my studies. Do I need a HIPAA privacy authorization if I already have a privacy certificate? What is a business associate? «counterparty»: a person or organization that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of a covered company or that provide services to a covered business; An insured company staff member is not a business partner. A covered health care provider, health plan or health care clearinghouse may be a counterpart to another insured company. The data protection rule lists some of the functions or activities and related services that make an individual or organization a business partner when the activity or service involves the use or disclosure of protected health information. The types of functions or activities that can make an individual or organization a counterpart include payment or health transactions, as well as other functions or activities governed by administrative simplification rules. A covered company may only use or disclose a limited set of data if the company concerned receives satisfactory assurance, in the form of a data usage agreement, that the recipient of a limited data set will only use or disclose protected health information for limited purposes. A counterparty agreement may authorize a counterparty to make the use and disclosure of PHI that the covered entity is authorized to do itself in accordance with the HIPAA data protection rule. See 45 C.F.R. 164.504 (e). In addition, the data protection rule allows a counterparty to enter into an agreement authorizing a consideration (for example).

B an EO) to: (1) Phi for the proper management and management of the counterparty in accordance with the 45 C.F.R. and (2) to provide data aggregation services in relation to the health activities of the covered institutions for which it has entered into agreements. In most cases, the authorized uses and advertisements established by a counterparty agreement vary depending on the functions or services that the counterparty must provide to the entity concerned. Similarly, the counterparty agreement between a covered entity and an HIO E depends on a number of factors, such as. B.dem the purpose of the electronic exchange of information that the HIO is supposed to manage, the specific functions or services that the E HIO must perform for the covered entity and any other legal obligation that an HIO may have with regard to the PHI. For example, counterparty agreements between covered companies and an IMO may authorize the HIO: the management and management exception.