HIPAA Business Associate Agreement (BAA)

Last updated April 2, 2025

As part of our commitment to complying with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Viewtality, LLC enters into Business Associate Agreements (BAAs) with healthcare providers, insurers, or other entities that may share Protected Health Information (PHI) with us. This agreement ensures that both parties are in compliance with HIPAA regulations regarding the confidentiality, security, and proper handling of PHI.

What is a Business Associate Agreement (BAA)?

A Business Associate Agreement (BAA) is a legal document that establishes the responsibilities of Viewtality when we are acting as a business associate of a healthcare provider or other covered entity. Under HIPAA, a "business associate" is defined as any entity that performs services on behalf of or provides assistance to a covered entity that involves the use or disclosure of PHI.

When we handle PHI on behalf of a healthcare provider or other covered entity, we are legally required to implement specific safeguards to protect the information and ensure it is used only for authorized purposes. Viewtality will not use or disclose any PHI beyond what is required to provide the services specified in the BAA, and we will take all necessary steps to protect the confidentiality and security of the data.

Our Responsibilities as a Business Associate

When acting as a business associate, Viewtality agrees to:

• Only use or disclose PHI in accordance with the terms of the BAA and applicable laws, including HIPAA.
• Implement reasonable safeguards to protect the confidentiality, integrity, and availability of PHI.
• Ensure that any subcontractors or vendors we engage in performing services that involve PHI also agree to comply with HIPAA regulations and the terms of the BAA.
• Report any breach of PHI to the covered entity without unreasonable delay and in compliance with the breach notification requirements under HIPAA.
• Make available all information necessary to demonstrate compliance with HIPAA to the covered entity or the U.S. Department of Health and Human Services (HHS).
• Cooperate with audits or investigations conducted by the covered entity or HHS in connection with our handling of PHI.

Request for a Business Associate Agreement

If you are a healthcare provider or a covered entity and you wish to engage Viewtality as a business associate, we will provide you with a Business Associate Agreement. The agreement will define the terms under which we process, store, and share your PHI. We will not process or disclose any PHI without having a valid BAA in place.

If you are a customer or user of Viewtality's services and you believe you are engaging in business associate relationships with us (e.g., as a healthcare provider), please reach out to us to discuss and establish the necessary BAA.