Depth refers to how much you might be responsible. Another way to limit liability is to cap the total dollar. This is usual for general liability (i.e. if you do not hold your end of the underlying contract), but unusual for offenses where normal practice is unlimited compensation. It is not as serious as it sounds, because the types and amounts of costs associated with responding to offences are somewhat predictable and insurable. If you know that one of your business partners has significantly violated a BAA, HIPAA rules require you to correct this or terminate the BAA. Otherwise, you could be on the hook for non-compliance by the lender. And it makes HHS very angry when entities deliberately ignore hipaa rules. The Department of Health and Human Services for Civil Rights (HHS/OCR) can impose hefty fines and remedial measures if you do not have a BAA with your AADs. In addition, if HHS/OCR monitors your organization, you must be able to provide your matching agreements and prove that you have performed due diligence with your AAS. You need to be able to identify your employee classification before you know what HIPAA requires. In accordance with the definition of the Health Information Portability and Accountability Act (HIPAA), a counterparty is any entity or person who works or provides services in connection with a covered entity that generates, treats or provides protected health information (PHI) or generates protected health information.2 When a partner/subcontractor violates or does not violate a BAA, the unit covered must take appropriate steps to correct the offence or terminate the offence.
“If such measures fail, they must terminate the contract or agreement,” HHS explains. “If termination of the contract or agreement is not possible, a covered entity is required to report the issue to the HHS Office for Civil Rights.” 1 HIPAA requires insured companies to cooperate only with business partners that guarantee full protection of the PHI. These assurances must take the form of a contract or other agreement between the insured company and BA.1 You will find here seven quick facts concerning the HIPAA Business Association (BAA) agreements. www.hhs.gov/hipaa/for-professionals/privacy/guidance/business-associates/index.htmlsearchsecurity.techtarget.com/definition/business-associatewww.mwe.com/en/thought-leadership/publications/2013/02/new-hipaa-regulations-affect-business-associates__www.hhs.gov/hipaa/for-professionals/covered-entities/sample-business-associate-agreement-provisions/index.html It is understandable that you are thinking about the pros and cons and weighing in on the financial impact.