Free template

HIPAA Business Associate Agreement Template

Clearly define responsibilities regarding protected health information with this HIPAA Business Associate Agreement.

Downloaded 3229 times

HIPAA Business Associate Agreement Template

HIPAA Business Associate Agreement Template

This HIPAA Business Associate Agreement ("Agreement") is entered into as of [Date], by and between:

Covered Entity: [Full Name / Company Name]
Address: [Address]
Email: [Email Address]
Phone: [Phone Number]

and

Business Associate: [Full Name / Company Name]
Address: [Address]
Email: [Email Address]
Phone: [Phone Number]

Together referred to as the "Parties."


1. Purpose

This Agreement is intended to ensure compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, specifically regarding the safeguarding of Protected Health Information (PHI).


2. Definitions

  • PHI (Protected Health Information): Individually identifiable health information transmitted or maintained in any form.

  • Covered Entity: A healthcare provider, health plan, or healthcare clearinghouse subject to HIPAA.

  • Business Associate: A party that performs functions involving PHI on behalf of the Covered Entity.


3. Permitted Uses and Disclosures

The Business Associate may use or disclose PHI only:

  • As required to perform services for the Covered Entity

  • As permitted by this Agreement

  • As required by law


4. Safeguards and Security

The Business Associate agrees to:

  • Implement administrative, physical, and technical safeguards to protect PHI

  • Comply with the HIPAA Security Rule for electronic PHI (ePHI)

  • Prevent unauthorized use or disclosure of PHI


5. Reporting of Breaches

The Business Associate must:

  • Report any use or disclosure of PHI not permitted by this Agreement

  • Notify the Covered Entity of any breach of unsecured PHI within [X] days of discovery

  • Cooperate with the Covered Entity’s investigation and response efforts


6. Subcontractors and Agents

The Business Associate shall ensure that any subcontractor or agent who has access to PHI agrees in writing to the same restrictions and conditions outlined in this Agreement.


7. Access and Amendments

Upon request by the Covered Entity, the Business Associate will:

  • Provide access to PHI in a designated record set

  • Make amendments to PHI as directed by the Covered Entity


8. Accounting of Disclosures

The Business Associate shall document and provide an accounting of disclosures of PHI upon request by the Covered Entity or the patient.


9. Return or Destruction of PHI

Upon termination of this Agreement, the Business Associate shall:
☐ Return all PHI to the Covered Entity
☐ Destroy all PHI (with written confirmation)
☐ If return or destruction is not feasible, extend protections of this Agreement to the PHI retained


10. Term and Termination

  • This Agreement shall remain in effect for the duration of the services and until all PHI is returned or destroyed.

  • The Covered Entity may terminate this Agreement immediately if the Business Associate is found to be in material breach.


11. No Third-Party Beneficiaries

This Agreement is intended solely for the benefit of the Parties and does not create rights in any third party.


12. Governing Law

This Agreement shall be governed by the laws of [State] and applicable federal HIPAA regulations.


13. Entire Agreement

This document constitutes the full understanding between the Parties regarding PHI and supersedes all prior written or oral agreements related to the subject matter.

IN WITNESS WHEREOF, the Parties have executed this HIPAA Business Associate Agreement as of the date first written above.


Covered Entity Signature
Name:
Title:
Date:


Business Associate Signature
Name:
Title:
Date:


Generate

Generate
Generate

HIPAA Business Associate Agreement Template

HIPAA Business Associate Agreement Template
HIPAA Business Associate Agreement Template

in seconds with AI

in seconds with AI
in seconds with AI

Save time and avoid mistakes!

Try for Free

Details

Learn more about

HIPAA Business Associate Agreement Template

Click below for detailed info on the template.
For quick answers, scroll below to see the FAQ.

Click below for detailed info on the template.
For quick answers, scroll below to see the FAQ.

HIPAA BUSINESS ASSOCIATE AGREEMENT FAQ


What is a HIPAA business associate agreement?

A HIPAA business associate agreement (BAA) is a legally binding contract between a HIPAA-covered entity and a business associate that will have access to protected health information (PHI). It clearly outlines how PHI will be used, disclosed, secured, and safeguarded in compliance with federal privacy regulations.


Why do you need a HIPAA business associate agreement?

A BAA is required under HIPAA to ensure that any third party handling PHI on behalf of a covered entity complies with strict privacy and security standards. It defines each party’s responsibilities, protects sensitive patient data, and helps avoid costly fines for noncompliance.


When should I use a HIPAA business associate agreement?

Use a BAA whenever a third party—such as a vendor, contractor, or service provider—will access, process, or store PHI on behalf of a healthcare provider, insurer, or other covered entity. This applies to both ongoing partnerships and one-time services.


How to write a HIPAA business associate agreement?

Clearly define the permitted and prohibited uses of PHI, outline security measures, set breach notification procedures, specify compliance obligations, and include termination terms for violations. Ensure the agreement meets all HIPAA and HITECH Act requirements.


Need a HIPAA-compliant BAA fast?

Use our AI-powered contract builder to create a fully customized, regulation-compliant HIPAA business associate agreement in minutes.

Similar templates

Other templates from

Policy and Compliance Documents

Money back guarantee

Free trial

Cancel anytime

AI Lawyer protects

your rights and wallet

🌐

Company

Learn

Terms

©2025 AI Lawyer. All rights reserved.

Money back guarantee

Free trial

Cancel anytime

AI Lawyer protects

your rights and wallet

🌐

Company

Learn

Terms

©2025 AI Lawyer. All rights reserved.

Money back guarantee

Free trial

Cancel anytime

AI Lawyer protects

your rights and wallet

🌐

Company

Learn

Terms

©2025 AI Lawyer

Money back guarantee

Free trial

Cancel anytime

AI Lawyer protects

your rights and wallet

🌐

Company

Learn

Terms

©2025 AI Lawyer. All rights reserved.