How do I determine who is a Business Associate to our practice?
A Business Associate is formally defined as: "a person or entity that performs certain functions or activities that involve the use or disclosure of PHI (protected health information) on behalf of, or provides services to, a covered entity" (Reminder: Your practice is a covered entity).
A member of the covered entity's workforce is not a business associate. Common examples of business associates (but not a complete list) includes:
- Billing service
- Cloud storage provider
- A consultant that performs file reviews or audit consulting where PHI identifiers have not been removed
- An independent medical transcriptionist that provides transcription services to a health care provider