HIPAA Privacy Regulation

Business Associate Agreement

  • A Business Associate is a separate organization, providing services to a covered entity, which require the exchange of PHI.
  • An agreement must be in place between covered entities and their business associates.
  • This agreement defines the processes that will be implemented to ensure the privacy and security of PHI.
  • Examples of Business Associates may include collection agencies, attorneys, consultants, and accountants, requiring access to PHI.
  • Business Associate agreements are not generally required between two covered entities involved in treatment, payment, or health care operations.

Earn ASCLS P.A.C.E.® credits for your AMT, ASCP, or NCA recertification requirements.

HIPAA Privacy and Security Regulations course details »

Learn more about medical technologist continuing education for MTs, MLTs, and other lab personnel »

Get information on laboratory safety training for clinical and medical laboratories »