skip to Main Content

Business Associates Agreement

General Provision

The Privacy Rule requires that a covered entity obtain satisfactory assurances from its business associate that the business associate will appropriately safeguard the protected health information it receives or creates on behalf of the covered entity. The satisfactory assurances must be in writing, whether in the form of a contract or other agreement between the covered entity and the business associate.

Privacy Documents

OfficeSafe’s Privacy Document Tool helps you execute and store your required HIPAA Privacy Documents.


A covered entity must obtain the individual’s written authorization for any use or disclosure of protected health information that is not for treatment, payment or health care operations or otherwise permitted or required by the Privacy Rule. A covered entity may not condition treatment, payment, enrollment or benefits eligibility on an individual granting an authorization, except in limited circumstances.

Privacy Practices Notice

Each covered entity, with certain exceptions, must provide a notice of its privacy practices. The Privacy Rule requires that the notice contain certain elements. The notice must describe the ways in which the covered entity may use and disclose protected health information. The notice must state the covered entity’s duties to protect privacy, provide a notice of privacy practices and abide by the terms of the current notice. The notice must describe individuals’ rights, including the right to complain to HHS and to the covered entity if they believe their privacy rights have been violated. The notice must include a point of contact for further information and for making complaints to the covered entity. Covered entities must act in accordance with their notices. The Rule also contains specific distribution requirements for direct treatment providers, all other health care providers and health plans.

PCI Compliance

PCIHIPAA works directly with a Qualified Scanning Assessor (QSA) to provide your practice with your annual PCI Certification.  Obtaining your PCI Certificate is required if you accept credit cards as a means of payment.  As a compliant healthcare provider, you are also eligible to receive healthcare credit card processing rates.  PCIHIPAA PCI Certification>>

OfficeSafe™ Business Associate Agreement Tool

HIPAA protects patients and PCIHIPAA protects you.
Our OfficeSafe Compliance Program provides you with the solutions you need to experience a greater level of confidence about HIPAA compliance and patient data protection.  We also protect your practice with a $500,000 guarantee in case of a data breach, cyber-attack or HIPAA fine.

Create, execute and store your HIPAA required Business Associate Agreements through our easy-to-use interface.

HIPPA -Business Associate Agreement-Management Portal

Quickly review which agreements have been created, emailed, and signed on our intuitive dashboard.


HIPPA Business Associate Agreement Platform

Easily create custom Business Associate Agreements with their basic information.

Back To Top