Business Associate Agreement Template
HIPAA-compliant Business Associate Agreement (BAA) template. Required when sharing PHI with vendors, contractors, or service providers.
What's Included
Core BAA Provisions
All HIPAA-required terms for PHI protection and handling
Security Safeguards
Required administrative, physical, and technical safeguards
Breach Notification Terms
Required breach notification procedures and timelines
Subcontractor Requirements
Flow-down provisions for subcontractors accessing PHI
Termination Provisions
Return or destruction of PHI upon agreement termination
Amendment Language
Provisions for regulatory updates and agreement modifications
Table of Contents
- 1.Definitions
- 2.Obligations of Business Associate
- 3.Permitted Uses and Disclosures
- 4.Security Safeguard Requirements
- 5.Reporting Obligations
- 6.Breach Notification Procedures
- 7.Subcontractor Requirements
- 8.Access to PHI
- 9.Amendment of PHI
- 10.Accounting of Disclosures
- 11.Termination
- 12.General Provisions
How to Use This Template
Download & Review
Download the template and review all provisions. Understand HIPAA BAA requirements and when a BAA is legally required.
Customize for Your Relationship
Update party names, addresses, and service descriptions. Specify the exact scope of PHI access and permitted uses.
Legal Review
Have your legal counsel review the agreement. Ensure it adequately protects your organization and meets all HIPAA requirements.
Execute & Maintain
Obtain signatures from authorized representatives. Maintain a copy in your BAA inventory and review annually.
Related Templates
HIPAA Privacy Policy
HIPAA-compliant privacy policy template for healthcare organizations
Download Template →Vendor Management Policy
Complete vendor and third-party risk management policy template
Download Template →All Templates
Browse our complete library of free compliance policy templates
View All Templates →