Knowledge Base

This Business Associate Agreement (the “Agreement”) complements and forms an integral part of the underlying service agreement, including the Terms of Service (collectively referred to as the “Underlying Agreement”), between Peerlogic, Inc. (“Peerlogic”) and its customer (“Customer”). This Agreement is designed to ensure that both parties adhere to the Health Insurance Portability and Accountability Act and its implementing regulations, 45 C.F.R. Part 164 (collectively known as “HIPAA Rules”). The terms set forth in the Underlying Agreement are applicable to the parties’ obligations under this Agreement, insofar as they are not in conflict with the terms of this Agreement.

This Business Associate Agreement (the “Agreement”) is made and entered into by and between Peerlogic, Inc. (“Business Associate”) and [Client Name]______________________ (“Covered Entity”) collectively referred to as the “Parties.”

This Agreement supplements and is made a part of the service agreement or terms of service (the “Underlying Agreement”) entered into by the Parties. The purpose of this Agreement is to comply with the requirements of the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (“HIPAA”), and its implementing regulations.

• Definitions: Terms used, but not otherwise defined in this Agreement, shall have the same meanings ascribed to them in the HIPAA Rules.
• Obligations of Business Associate:
  • Business Associate agrees to not use or disclose Protected Health Information (PHI) other than as permitted or required by this Agreement or as Required By Law.
  • Business Associate agrees to implement appropriate safeguards to prevent unauthorized use or disclosure of PHI, including implementing requirements of HIPAA Security Rule with respect to electronic PHI.
  • Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement and any breaches of unsecured PHI as required by law.
  • Business Associate agrees to ensure that any subcontractors agree to the same restrictions and conditions on PHI.
  • Business Associate agrees to provide PHI access to Covered Entity or an individual as directed by Covered Entity in compliance with HIPAA.
  • Business Associate agrees to make any amendments to PHI as directed by Covered Entity in compliance with HIPAA.
• Permitted Uses and Disclosures by Business Associate:
  • Business Associate may use or disclose PHI to perform services for Covered Entity as specified in the Underlying Agreement.
  • Business Associate may use PHI for the proper management and administration of the Business Associate or to carry out legal responsibilities.
  • Business Associate may disclose PHI for the proper management and administration of the Business Associate, provided the disclosures are required by law or Business Associate obtains reasonable assurances from the recipient of the PHI.
• Obligations of Covered Entity:
  • Covered Entity shall notify Business Associate of any limitation(s) in its notice of privacy practices.
  • Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by an individual to use or disclose PHI.
  • Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under HIPAA.
• Term and Termination:
  • The term of this Agreement shall be effective as of the date of the Underlying Agreement and shall terminate when all PHI is destroyed or returned to Covered Entity or, if it is infeasible to return or destroy PHI, protections are extended to such information in accordance with the termination provisions in this Agreement.
  • Upon termination of this Agreement, Business Associate shall return or destroy all PHI received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity.
• Miscellaneous:
  • Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits compliance with HIPAA.
  • The Parties agree to amend this Agreement from time to time as is necessary for compliance with the requirements of HIPAA and other applicable laws.

This Agreement may be executed in counterparts, each of which shall be deemed an original, and which together shall constitute one and the same instrument.