Under HIPAA rules, this term refers to an outside person/entity that performs a service on behalf of the health care provider (including a researcher) or the health care institution during which individually identifiable health information is created, used, or disclosed. For example, web hosting or data storage companies will be business associates if they receive protected health information. In addition, third parties that handle billing for a research study, or recruitment and screening, will also be business associates. Certain exceptions apply.
Under HIPAA, the person or organization that performs a service on behalf of a covered entity but that is a covered employee, such as an agent or broker.
an agency (which can include covered entities) that provides services, which involve the disclosure of individually identifiable health information
an entity that performs a function for a covered entity
an entity that provides certain services to the Practice or assists the Practice in undertaking some functions, such as a billing company that assists the Practice in submitting claims for payment to insurance companies
an individual or entity under contract with the PROVIDER to perform or assist PROVIDER in a function or activity which necessitates access to, or the use or disclosure of, private health information
an individual or entity under contract with us to perform or assist UMDNJ in a function or activity which requires the use or disclosure of health information
an individual (other than an employee or member of your workforce) or group who has a legitimate reason to get protected health care information (billing services, attorneys, etc
an organization or person, other than a member of a covered entity's workforce, who receives electronic protected health information (PHI) to provide services to, or on behalf of, a covered entity
an outside entity that accesses, uses, or creates PHI in providing services to a Covered Entity
a person or company that performs certain functions or activities that involve the creation, use or disclosure of protected health information (PHI) on behalf of, or provides services to, VUMC
a person or entity (including other covered entities) who performs any activity on behalf of the covered entity using PHI, including claims processing, utilization functions, billing, practice management, functions, etc
a person or entity, other than a workforce member, that performs a function that involves PHI for a healthcare component of UNT
a person or entity that is not a member of the work force and who, on behalf of DOEA through legal agreement, performs or assists in the performance of a function or activity involving the use of individually identifiable health information
a person or entity that is not a part of NCSU's workforce that performs certain functions, activities or services for NCSU's covered health care components involving the use and/or disclosure of PHI
a person or entity that performs certain functions or activities that involve the use or disclosure of PHI on behalf of, or provides services to, a covered entity i
a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, UPHS/SOM
a person or entity who provides certain functions, activities, or services for or to a covered entity, involving the use and/or disclosure of PHI
a person or organization that accesses, discloses, or uses protected health information (PHI) in order to perform a function, service, or activity by or on behalf of VUMC
a person or organization who performs a function
a third-party service provider, such as a third-party administrator or an EAP provider, who creates or receives "protected health information" ("PHI") for the benefit of plan participants
A person or entity who, on behalf of a covered entity, performs or assists in performance of a function or activity involving the use or disclosure of individually identifiable health information, such as data analysis, claims processing or administration, utilization review, and quality assurance reviews, or any other function or activity regulated by the HIPAA Administrative Simplification Rules, including the Privacy Rule. Business associates are also persons or entities performing legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services to or for a covered entity where performing those services involves disclosure of individually identifiable health information by the covered entity or another business associate of the covered entity to that person or entity. A member of a covered entity's workforce is not one of its business associates. A covered entity may be a business associate of another covered entity.
Business Associates are individuals or organizations to whom we give PHI so that they can perform specific functions or services for OHSU. Some examples of Business Associates are data archival services, transcription services, consultants, and software vendors. Close Window
An individual or entity that is not a member of Duke Health Enterprise (DHE) but that is acting on behalf of DHE or is receiving protected health information in the course of providing services to DHE.
A person or organization that performs a function or activity on behalf of a covered entity, but is not part of the covered entity's workforce. A business associate can also be a covered entity in its own right
(BA): Under HIPAA, a person or organization that performs a function or activity on behalf of a covered entity (CE). Medical telephone answering services are generally classified as a BA and not a CE.
A person who performs a function or activity on behalf of a covered entity. It excludes a person who is part of the covered entity’s workforce.