Under the U.S. Health Insurance Portability and Accountability Act of 1996, a HIPAA business associate agreement (BAA) is a contract between a HIPAA-covered entity and a HIPAA business associate. The contract protects personal health information (PHI) in accordance with HIPAA guidelines.
Contract Guardian clients are responsible for determining whether they are subject to HIPAA requirements and whether they use or intend to use Contract Guardian services in connection with PHI. Clients who have not entered into a BAA with Contract Guardian must not use Contract Guardian services in connection with PHI.
Protected Health Information (PHI) includes:
"Under HIPAA, certain information about a person's health or health care services is classified as Protected Health Information (PHI). Contract Guardian clients who are subject to HIPAA and wish to use Contract Guardian with PHI must sign a Business Associate Agreement (BAA) with Contract Guardian. HIPAA BAA is only available with our Enterprise Edition."