Health Insurance Portability and Accountability Act (HIPAA) Clause
Summary
This clause requires the parties to an agreement to comply with the Health Insurance Portability and Accountability Act (HIPAA), which requires, among other things, security and confidentiality obligations for patient information maintained by the health care industry. This template includes practical guidance and drafting notes. In healthcare, there could be many parties that come into contact with Protected Health Information (PHI). Not only is the issue the interaction between the holder of the PHI and their business associates, but many of those business associates may involve the use of a subcontractor, and in turn, that subcontractor is viewed as a business associate that must also follow the non-disclosure rules. However, the covered entity is not required to obtain satisfactory assurances, in accordance with 45 C.F.R. § 164.314(a), that the business associate will appropriately safeguard the information from a business associate that is a subcontractor. 45 C.F.R. § ...