The Business Associate Agreement (BAA) Review is a crucial step in HIPAA Compliance; unfortunately, most people believe the simple act of signing a BAA is enough. However, real due diligence for a BAA means you must ask questions, sometimes tough ones.
Someone else’s BAA won’t work for your needs either; this is where ACS comes in. We ask the tough questions you don’t know to ask. Are they trained? Are they insured? Can they even abide by what is in the document? Do they accept fiscal responsibility if they cause a breach? We have found that most vendors either can’t or won’t comply with what is in the BAA. Furthermore, the BAA may have a clause that relieves the vendor of any fiscal accountability, even if it is their responsibility.