Business Associate Agreement
This Business Associate Agreement (the “BAA”) is by and between Abridge (“Business Associate” or “BA”) and You (“Covered Entity”) who are parties to the Underlying Agreement (defined below) pursuant to which Business Associate performs the Service for or on behalf of Covered Entity and may create, receive, maintain, or transmit Protected Health Information (as defined below) for or on behalf of Covered Entity through the provision of the Service. Any capitalized term which is not otherwise defined in this BAA shall have the meaning ascribed to such term in the Underlying Agreement and any capitalized term used in this BAA, but not defined in either this BAA or the Underlying Agreement shall have the same meaning set forth in the HIPAA Regulations (as defined below).
WHEREAS, Covered Entity is a Covered Entity as that term is defined under the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-91), as amended, (“HIPAA”), and the regulations promulgated thereunder by the Secretary of the U.S. Department of Health and Human Services (“Secretary”), including, without limitation, the regulations codified at 45 C.F.R. Parts 160 and 164 (“HIPAA Regulations”);
WHEREAS, the parties intend to protect the privacy and provide for the security of the individually identifiable health information Disclosed by Covered Entity to Business Associate, or accessed, received, created, or transmitted by Business Associate, when providing the Service. Such PHI will be protected in compliance with HIPAA, the Health Information Technology for Economic and Clinical Health Act (Public Law 111-005) (“HITECH Act”) and its implementing regulations and guidance issued by the Secretary, and other applicable state and federal laws, all as amended from time to time; and
WHEREAS, Covered Entity is required under the HIPAA Regulations to enter into a Business Associate Agreement that meets certain requirements with respect to the Use and Disclosure of PHI, which are met by this BAA. Accordingly, to the extent required by HIPAA, Business Associate agrees to comply with this BAA.
In consideration of the foregoing, the requirements of HIPAA Regulations, including as amended pursuant to the HITECH Act, and for good and valuable consideration, the receipt and adequacy of which is hereby acknowledged, Covered Entity and Business Associate agree to be bound by the following terms and conditions.
NOW, THEREFORE, for good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the parties agree as follows: