The most common agreement between a covered company and its third-party supplier is BAA. BaA is more common than the term QSOA for health care providers, simply because a large majority of the companies covered are not qualified as Part 2 programs and, as a result, covered companies use BAAs much more often than QSOAs. The federal rules for Part 2 programs apply before our current framework for patient privacy thinking, HIPAA. The second part has its origins in the drug revolution of the 1970s. It was necessary to protect drug treatment protocols more strictly than other medical records in order to avoid the stigma of addiction and the fear of those seeking addiction assistance from prosecution. The goal was to encourage people to seek treatment. With the increase in drug abuse, 42 CFR Part 2 has become a hotly debated topic. More recently, the Substance Abuse and Mental Health Services Administration (SAMHSA) has introduced updated provisions that have led Part 2 clinics to review their agreements with outside agencies. There are certain necessary elements of an BAA, such as 1) the definition of uses and returns of PPH authorized and necessary by the counterparty; 2) provide that the counterparty will not use or disclose the information, except as required by the BAA or any other legal obligation; and 3) require the counterparty to put in place appropriate security measures to prevent the unauthorized use or disclosure of PPHs. [vi] There are additional best practices that can be recommended by your legal advisor to manage an insured company`s relationship with its business partners, such as the inclusion of a disclaimer in the Agency`s relationship and the recommendation of a language that the agreement is not intended to be used by third parties. If you are treating patients whose information is subject to stricter data protection under federal law (for example. B The Medicines Protection and Alcohol Protection Act, you can plan to put in the mix a qualified service organization agreement. Then there are the unlisted entities that might want to write your partner agreement for you.
These uncovered companies may have hundreds or thousands of other clients of covered entities that also need an agreement. Many health organizations work to treat people who have drugs. If your company strives to do the same and needs help navigating complex compliance issues with compliance with drug treatment protocols, we can help! Please schedule a call with us to see how we respond to Part 2 requests. If you work for a covered facility, which is supported in one way or another at the federal level and provides substance abuse services that meet the criteria of a program under drug law and alcohol secrecy – in other words, the covered company “maintains itself as a provider of alcohol or drug abuse diagnoses, treatment or remittances for treatment (42 CFR, Part 2, 2.11)”1 – then you must take this federal law into account when writing your associate contracts. This can be done by inserting the agreement on qualified service organisations into the matching agreement and ensuring that aspects of the counterparty agreement are not contrary to the terms of the qualified service organisation agreement. This agreement is very short, but complete and reads: As soon as you are certain that a matching agreement is appropriate, it may be useful to start with an example of a partnership contract that generally meets your requirements, for example. B that www.hhs.gov/ocr/hipaa on the Office for Civil Rights (OCR) website. If you do not have patients protected by other federal or national laws, stricter in protecting their data protection rights, you can follow the OCR agreement and fill in the gaps. All potential agreements must be reviewed to determine whether a qualified service/counterparty agreement is allowed