{"id":80,"date":"2022-04-22T06:55:13","date_gmt":"2022-04-22T06:55:13","guid":{"rendered":"https:\/\/myzhealth.io\/?page_id=80"},"modified":"2022-09-09T10:11:24","modified_gmt":"2022-09-09T10:11:24","slug":"hipaa-compliance","status":"publish","type":"page","link":"https:\/\/myzhealth.io\/hipaa-compliance\/","title":{"rendered":"Hippa Compliance"},"content":{"rendered":"\n

HIPAA Compliance for Chiropractors<\/h1>\n\n\n\n

Business Associate Agreement<\/strong><\/h2>\n\n\n\n

These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities (as defined below) and that provide Protected Health Information (\u201cPHI\u201d)(as defined below) to PatientPop in connection with the services they have purchased. These terms supplement and are made part of the purchase agreement between PatientPop and Customers (\u201cUnderlying Agreement\u201d) in order to comply with the federal Standards for Privacy of Individually Identifiable Health Information, located at 45 C.F.R. Part 160 and Part 164, Subparts A through E (\u201cPrivacy Rule\u201d) and the Health Information Technology for Economic and Clinical Health Act, Public Law 111-005 (the \u201cHITECH Act\u201d).<\/p>\n\n\n\n

WHEREAS, in order to ensure that Covered Entity and Business Associate remain in compliance with the HIPAA Rules and other applicable federal and state laws and regulations regarding the disclosure of PHI to Business Associate, the parties have agreed to enter into this Agreement.<\/p>\n\n\n\n

NOW THEREFORE, Covered Entity and Business Associate agree as follows:<\/p>\n\n\n\n

1. DEFINITIONS<\/strong><\/h2>\n\n\n\n

Capitalized terms used in this Agreement and not otherwise defined herein shall have that meaning given to them in the HIPAA Rules.\u201dBreach\u201d when capitalized, shall have the meaning set forth in 45 CFR \u00c2\u00a7 164.402 (including all of its subsections); with respect to all other uses of the word \u201cbreach\u201d in this Agreement, the word shall have its ordinary contract meaning.\u201dElectronic Protected Health Information\u201d or \u201cEPHI\u201d shall have the same meaning as the term \u201celectronic protected health information\u201d in 45 CFR \u00c2\u00a7 160.103, limited to information that Business Associate creates, accesses or receives from or on behalf of Covered Entity.\u201dIndividually Identifiable Health Information\u201d means information that is a subset of health information, including demographic information collected from an individual, and;is created or received by a health care provider, health plan, employer, or health care clearinghouse; and relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present or future payment for provision of health care to an individual; and<\/p>\n\n\n\n

\u2022 that identifies the individual; or<\/p>\n\n\n\n

\u2022 with respect to which there is a reasonable basis to believe the information can be used to identify the individual.<\/p>\n\n\n\n

\u201cProtected Health Information\u201d<\/strong> or \u201cPHI\u201d<\/strong> shall have the meaning set forth in the Privacy Rule, limited to information that Business Associate creates, accesses or receives from or on behalf of Covered Entity. PHI includes EPHI.<\/p>\n\n\n\n

\u201cPrivacy Rule\u201d<\/strong> means the Standards for Privacy of Individually Identifiable Health Information, codified at 45 CFR parts 160 and 164, Subparts A, D and E, as currently in effect.<\/p>\n\n\n\n

\u201cSecurity Incident\u201d<\/strong> shall have the same meaning as the term \u201csecurity incident\u201d at 45 CFR 164.304.<\/p>\n\n\n\n

\u201cSecurity Rule\u201d<\/strong> means the Standards for Security for the Protection of Electronic Protected Health Information, codified at 45 CFR parts 160 and 164, Subpart C, as currently in effect.<\/p>\n\n\n\n

\u201cUnsecured Protected Health Information\u201d<\/strong> or \u201cUnsecured PHI\u201d<\/strong> shall have the same meaning as the term \u201cunsecured protected health information\u201d in 45 CFR \u00c2\u00a7 164.402, limited to the information created or received by Business Associate from or on behalf of Covered Entity.<\/p>\n\n\n\n

2. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATES<\/strong><\/h2>\n\n\n\n

\u2022 Business Associate Status<\/strong><\/p>\n\n\n\n

Business Associate acknowledges and agrees that it is a \u201cBusiness Associate\u201d as defined by the HIPAA Rules, and as such, Business Associate shall, in addition to complying with the other terms and conditions of the Terms of Service Agreement, comply with the HIPAA-required provisions set forth in this Agreement. In the event of a conflict between the terms of this Agreement and the Terms of Service Agreement with respect to the use or disclosure of PHI, the terms of this Agreement will govern. In all other circumstances, the terms of the Terms of Service Agreement will govern.<\/p>\n\n\n\n

\u2022 Performance of Services<\/strong><\/p>\n\n\n\n

Business Associate may use PHI only to perform the services and its other obligations pursuant to the Terms of Service Agreement or as Required by Law. Business Associate may disclose such PHI only within its organization and only to those of its employees who need to know such information in order to perform its obligations under the Terms of Service Agreement and, in such case, only the minimum amount of such PHI as is necessary for such performance. Business Associate shall not access, use or disclose PHI in any manner that would violate the HIPAA Rules if such access, use or disclosure was done by Business Associate or Covered Entity,<\/p>\n\n\n\n

\u2022 Privacy Rule Obligations<\/strong><\/p>\n\n\n\n

Business Associate shall comply with the Privacy Rule as it directly applies to business associates: To the extent Business Associate carries out one or more of Covered Entity\u2019s obligations under the Privacy Rule, Business Associate shall comply with the requirements of HIPAA that apply to Business Associate or Covered Entity in the performance of such obligation(s).<\/p>\n\n\n\n

\u2022 Safeguards for Protection of PHI<\/strong><\/p>\n\n\n\n

Business Associate agrees that it will (a) protect and safeguard from any disclosure (whether oral, written or otherwise) all PHI with which it may come into contact with in accordance with the HIPAA Rules and more stringent state laws and regulations governing the handling of such information; and (b) use appropriate safeguards to prevent use or disclosure of PHI other than as permitted by the Terms of Service Agreement or this Agreement or as Required by Law.<\/p>\n\n\n\n

\u2022 Mitigation<\/strong><\/p>\n\n\n\n

Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement.<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

HIPAA Compliance for Chiropractors Business Associate Agreement These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities (as defined below) and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"\n

Hipaa Compliance for Chiropractors<\/h2>\n\n\n\n
Business Associate Agreement<\/strong><\/h6>\n\n\n\n

These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities (as defined below) and that provide Protected Health Information (\u201cPHI\u201d)(as defined below) to PatientPop in connection with the services they have purchased. These terms supplement and are made part of the purchase agreement between PatientPop and Customers (\u201cUnderlying Agreement\u201d) in order to comply with the federal Standards for Privacy of Individually Identifiable Health Information, located at 45 C.F.R. Part 160 and Part 164, Subparts A through E (\u201cPrivacy Rule\u201d) and the Health Information Technology for Economic and Clinical Health Act, Public Law 111-005 (the \u201cHITECH Act\u201d).<\/p>\n\n\n\n

WHEREAS, in order to ensure that Covered Entity and Business Associate remain in compliance with the HIPAA Rules and other applicable federal and state laws and regulations regarding the disclosure of PHI to Business Associate, the parties have agreed to enter into this Agreement.<\/p>\n\n\n\n

NOW THEREFORE, Covered Entity and Business Associate agree as follows:<\/p>\n\n\n\n

1. DEFINITIONS<\/strong><\/h6>\n\n\n\n

Capitalized terms used in this Agreement and not otherwise defined herein shall have that meaning given to them in the HIPAA Rules.\u201dBreach\u201d when capitalized, shall have the meaning set forth in 45 CFR \u00c2\u00a7 164.402 (including all of its subsections); with respect to all other uses of the word \u201cbreach\u201d in this Agreement, the word shall have its ordinary contract meaning.\u201dElectronic Protected Health Information\u201d or \u201cEPHI\u201d shall have the same meaning as the term \u201celectronic protected health information\u201d in 45 CFR \u00c2\u00a7 160.103, limited to information that Business Associate creates, accesses or receives from or on behalf of Covered Entity.\u201dIndividually Identifiable Health Information\u201d means information that is a subset of health information, including demographic information collected from an individual, and;is created or received by a health care provider, health plan, employer, or health care clearinghouse; and relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present or future payment for provision of health care to an individual; and<\/p>\n\n\n\n

\u2022 that identifies the individual; or<\/p>\n\n\n\n

\u2022 with respect to which there is a reasonable basis to believe the information can be used to identify the individual.<\/p>\n\n\n\n

\u201cProtected Health Information\u201d<\/strong> or \u201cPHI\u201d<\/strong> shall have the meaning set forth in the Privacy Rule, limited to information that Business Associate creates, accesses or receives from or on behalf of Covered Entity. PHI includes EPHI.<\/p>\n\n\n\n

\u201cPrivacy Rule\u201d<\/strong> means the Standards for Privacy of Individually Identifiable Health Information, codified at 45 CFR parts 160 and 164, Subparts A, D and E, as currently in effect.<\/p>\n\n\n\n

\u201cSecurity Incident\u201d<\/strong> shall have the same meaning as the term \u201csecurity incident\u201d at 45 CFR 164.304.<\/p>\n\n\n\n

\u201cSecurity Rule\u201d<\/strong> means the Standards for Security for the Protection of Electronic Protected Health Information, codified at 45 CFR parts 160 and 164, Subpart C, as currently in effect.<\/p>\n\n\n\n

\u201cUnsecured Protected Health Information\u201d<\/strong> or \u201cUnsecured PHI\u201d<\/strong> shall have the same meaning as the term \u201cunsecured protected health information\u201d in 45 CFR \u00c2\u00a7 164.402, limited to the information created or received by Business Associate from or on behalf of Covered Entity.<\/p>\n\n\n\n

2. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATES<\/strong><\/h6>\n\n\n\n

\u2022 Business Associate Status<\/strong><\/p>\n\n\n\n

Business Associate acknowledges and agrees that it is a \u201cBusiness Associate\u201d as defined by the HIPAA Rules, and as such, Business Associate shall, in addition to complying with the other terms and conditions of the Terms of Service Agreement, comply with the HIPAA-required provisions set forth in this Agreement. In the event of a conflict between the terms of this Agreement and the Terms of Service Agreement with respect to the use or disclosure of PHI, the terms of this Agreement will govern. In all other circumstances, the terms of the Terms of Service Agreement will govern.<\/p>\n\n\n\n

\u2022 Performance of Services<\/strong><\/p>\n\n\n\n

Business Associate may use PHI only to perform the services and its other obligations pursuant to the Terms of Service Agreement or as Required by Law. Business Associate may disclose such PHI only within its organization and only to those of its employees who need to know such information in order to perform its obligations under the Terms of Service Agreement and, in such case, only the minimum amount of such PHI as is necessary for such performance. Business Associate shall not access, use or disclose PHI in any manner that would violate the HIPAA Rules if such access, use or disclosure was done by Business Associate or Covered Entity,<\/p>\n\n\n\n

\u2022 Privacy Rule Obligations<\/strong><\/p>\n\n\n\n

Business Associate shall comply with the Privacy Rule as it directly applies to business associates: To the extent Business Associate carries out one or more of Covered Entity\u2019s obligations under the Privacy Rule, Business Associate shall comply with the requirements of HIPAA that apply to Business Associate or Covered Entity in the performance of such obligation(s).<\/p>\n\n\n\n

\u2022 Safeguards for Protection of PHI<\/strong><\/p>\n\n\n\n

Business Associate agrees that it will (a) protect and safeguard from any disclosure (whether oral, written or otherwise) all PHI with which it may come into contact with in accordance with the HIPAA Rules and more stringent state laws and regulations governing the handling of such information; and (b) use appropriate safeguards to prevent use or disclosure of PHI other than as permitted by the Terms of Service Agreement or this Agreement or as Required by Law.<\/p>\n\n\n\n

\u2022 Mitigation<\/strong><\/p>\n\n\n\n

Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement.<\/p>\n\n\n\n

<\/p>\n","_et_gb_content_width":"1500","footnotes":""},"class_list":["post-80","page","type-page","status-publish","hentry"],"yoast_head":"\nHIPPA Compliance for Chiropractors - zHealth Software<\/title>\n<meta name=\"description\" content=\"HIPAA Compliance - These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities as defined. Read more.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/myzhealth.io\/hipaa-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hippa Compliance\" \/>\n<meta property=\"og:description\" content=\"HIPAA Compliance - These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities as defined. Read more.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/myzhealth.io\/hipaa-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Cloud-Based Chiropractic Practice Management Software\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/myzhealth\/\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-09T10:11:24+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"HIPPA Compliance for Chiropractors - zHealth Software","description":"HIPAA Compliance - These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities as defined. Read more.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/myzhealth.io\/hipaa-compliance\/","og_locale":"en_US","og_type":"article","og_title":"Hippa Compliance","og_description":"HIPAA Compliance - These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities as defined. Read more.","og_url":"https:\/\/myzhealth.io\/hipaa-compliance\/","og_site_name":"Best Cloud-Based Chiropractic Practice Management Software","article_publisher":"https:\/\/www.facebook.com\/myzhealth\/","article_modified_time":"2022-09-09T10:11:24+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/myzhealth.io\/hipaa-compliance\/","url":"https:\/\/myzhealth.io\/hipaa-compliance\/","name":"HIPPA Compliance for Chiropractors - zHealth Software","isPartOf":{"@id":"https:\/\/myzhealth.io\/#website"},"datePublished":"2022-04-22T06:55:13+00:00","dateModified":"2022-09-09T10:11:24+00:00","description":"HIPAA Compliance - These Standard HIPAA Business Associate Agreement Terms and Conditions (\u201cHIPAA Addendum\u201d) shall be incorporated into the Service Agreement for Customers that are Covered Entities as defined. Read more.","breadcrumb":{"@id":"https:\/\/myzhealth.io\/hipaa-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/myzhealth.io\/hipaa-compliance\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/myzhealth.io\/hipaa-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/myzhealth.io\/"},{"@type":"ListItem","position":2,"name":"Hippa Compliance"}]},{"@type":"WebSite","@id":"https:\/\/myzhealth.io\/#website","url":"https:\/\/myzhealth.io\/","name":"Best Cloud-Based Chiropractic Practice Management Software","description":"zHealth Empowers Chiropractic Practices and Optimizes Their Finances","publisher":{"@id":"https:\/\/myzhealth.io\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/myzhealth.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/myzhealth.io\/#organization","name":"zHealth","alternateName":"zHealth","url":"https:\/\/myzhealth.io\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/myzhealth.io\/#\/schema\/logo\/image\/","url":"https:\/\/myzhealth.io\/wp-content\/uploads\/2024\/12\/zHealth-Software-Logo.png","contentUrl":"https:\/\/myzhealth.io\/wp-content\/uploads\/2024\/12\/zHealth-Software-Logo.png","width":1181,"height":701,"caption":"zHealth"},"image":{"@id":"https:\/\/myzhealth.io\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/myzhealth\/","https:\/\/www.linkedin.com\/company\/zhealth-ehr\/about\/","https:\/\/www.youtube.com\/channel\/UCgQEK6LyrRcAFaxGExe32EQ\/videos","https:\/\/www.instagram.com\/myzhealth\/"],"description":"zHealth provides an all-in-one cloud-based practice management software for chiropractors, acupuncturists, and wellness providers. Our user-friendly solution includes EHR, scheduling, 2-way texting, custom SOAP notes, payments, recall, online reviews, insurance billing and more - starting from $119. Request a demo!","email":"sales@zhealthehr.com","telephone":"+1 (800) 939-0319","legalName":"zHealth, Inc.","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"11","maxValue":"50"}}]}},"_links":{"self":[{"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/pages\/80","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/comments?post=80"}],"version-history":[{"count":5,"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/pages\/80\/revisions"}],"predecessor-version":[{"id":22733,"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/pages\/80\/revisions\/22733"}],"wp:attachment":[{"href":"https:\/\/myzhealth.io\/wp-json\/wp\/v2\/media?parent=80"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}