Business Associates Agreements (BAA)
- A HIPAA business associate agreement (BAA) is a contract between a HIPAA-covered entity (Giva's customer) and a HIPAA business associate (Giva). The contract protects personal health information (PHI) in any electronic health or medical record of the HIPAA-covered entity in accordance with HIPAA regulations.
- The signed BAA contractually obligates Giva to protect our customer's PHI. This means that Giva shares liability with our customers in the very unlikely event of a data breach.
- The signed BAA contractually binds the service provider to protect PHI. This means the service provider shares liability with the covered entity in the event of a data breach.
- A BAA clearly defines the roles and responsibilities of Giva in protecting PHI in hospital and healthcare electronic health or medical records.
- Cloud help desk software used by a hospital or healthcare organization without a BAA is not HIPAA complaint.