Call Today 1-877-740-5028

BAA Breach Notification Clause

At Online Tech, we made the decision to get an independent HIPAA audit across our company policies, procedures, facilities, equipment, physical safeguards, BAA, risk assessment, and security awareness training by a Certified HIPAA Security Specialist and recraft our BAA to be appropriate with the help of attorneys experienced in health care law.

Brian Balow and Tatiana Melnik from Dickinson Wright helped us craft this statement in our Business Associate Agreement:

2.5Business Associate shall notify Client in writing of any Breach involving Unsecured PHI within five (5) business days of becoming aware of such Breach. All reports of Breaches of Unsecured PHI shall be made in compliance with HITECH Act ยง 13402 and the regulations issued thereunder.

A Breach will be treated as discovered as of the first day that such Breach is known or reasonably should have been known by Business Associate. Business Associate shall notify Client within seventy-two (72) hours of any suspected or actual Security Incident or breach of security, intrusion or unauthorized use or disclosure of PHI and/or any actual or suspected use or disclosure of data in violation of any applicable federal or state laws or regulations.  


HIPAA Compliant Cloud Hosting

The primary reason that Online Tech was our first choice was the people that are there. They were really attentive to our needs and went out of their way to make us feel like we were in the right place.

- Judson Pitt, CIO, Biotronic

Have Questions?
Call Today 1-734-213-2020


Live Chat
Events 2