Skip Navigation

Revised HIPAA Business Associate Contract Coming

Bookmark and Share

NAID has retained the services of one of the country’s most prominent privacy attorneys to revise the current HIPAA Business Associate (BA) contract provided to members. 

One of the many changes to HIPAA included in the American Recovery and Revitalization Act (the stimulus package) will require all Covered Entities to modify their contracts with third-party service providers who process Protected Health Information.  The modifications to the BA contract are required to ensure that a number of other new requirements of HIPAA are included. 

Because the new HIPAA requirements will be rolled out in two phases, in the near term, NAID will simply provide language that can be added to current contracts. This language will state that the member agrees to abide by the new HIPAA requirements that are already effective.  Then, near the end of the year, when the rulemaking process is completed, NAID will release a completely new contract. (See “FTC SEEKS DATA BREACH NOTIFICATION COMMENTS” below) 

NAID will be releasing a white paper the first week of May with a full analysis of what is being called HIPAA 2.0.