Help Center

HIPAA Business Associate Addendum

No comments

The combination of security and privacy lead to a strong ecosystem that keeps your information safe. For clients who are subject to the requirements of the Health Insurance Portability and Accountability Act (known as HIPAA, as amended, including by the Health Information Technology for Economic and Clinical Health — HITECH — Act), we offer a HIPAA Business Associate Addendum to the CheckMarket Data Processing Agreement.

Our clients can enter into these terms via the opt in process described below.

Clients are responsible for determining if they are a Business Associate (and whether a HIPAA Business Associate Agreement with CheckMarket is required) and for ensuring that they use CheckMarket services in compliance with HIPAA. Clients are responsible for fulfilling an individual’s right of access, amendment, and accounting in accordance with the requirements under HIPAA.

The combination of security and privacy lead to a strong ecosystem that keeps your information safe. For clients who are subject to the requirements of the Health Insurance Portability and Accountability Act (known as HIPAA, as amended, including by the Health Information Technology for Economic and Clinical Health — HITECH — Act), we offer a HIPAA Business Associate Addendum to the CheckMarket Data Processing Agreement.

As an enterprise level platform serving government, health care and financial clients, privacy and security compliance is a must. Because of the markets that we serve, we have put a lot of effort over the last 18 years into our compliance with the major privacy and security regulations.

These efforts are built upon three pillars:

  1. Administrative Safeguards
    These have to do with the policies and procedures we have in place to ensure the proper employee management, training and oversight for staff that come into contact or manage personally identifiable information (PII) and protected health information (PHI). It includes providing tools to our clients to manage and limit the access to PII and PHI to certains user roles and specific users within their own accounts. It also includes having agreements in place with service providers that perform covered functions. These agreements, called Business Associate Agreements (BAAs) ensure that Business Associates use and safeguard PII and PHI.
  2. Technical Safeguards
    They include things like encryption at rest and in transit, firewalls, logging, encrypted file storage, business continuity, fine-grained data retention rules controlled by our clients and more.
  3. Physical Safeguards
    These include the use of multiple class A data centers, data redundancy, data region isolation, limited access to servers and more.

These pillars are covered extensively in our Data Processing Agreement which you must agree to before you can agree to this addendum.

Opt in to the HIPAA Business Associate Addendum

  1. Sign in to CheckMarket.
  2. Go to Account.
  3. Click on Legal & compliance.
  4. Under HIPAA Business Associate Addendum, click Review and Accept.
  5. Click I Accept.

You must be signed in as account administrator or legal representative for this task.

Not authorized?

Are you not legally authorized to approve CheckMarket’s HIPAA Business Associate Addendum? Then download the signed HIPAA Business Associate Addendum and send it to the legal representative of your company or organization. Return the BAA to legal@checkmarket.com, bearing the following information of the legal representative:

  • initials on each page
  • name, position, organization, date signature and signature on the last page

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.