📘

Review What is a BA? to learn more about what should be added in this step.

Steps

1. Add a BA

1. Add a BA

From the Dashboard, hover over the Third Parties tab > Select Manage All

Select Add Third Party Profile

Enter BA Info (see breakdown below) > Select Create Third Party Profile

📘

The purpose of documenting information about your BAs is to document what parties you work with, and what information they have access to. In the event of a data breach, this will help you quickly and specifically identify the depth and breadth of the issue to ensure that you respond appropriately.

• Enter the Company Name of the BA
• Optionally, enter their website
• Select their Third Party Type: Vendor, Partner, or Client
• Enter a brief description of the Service Provided
  • Vendor: Services provided to you by them
  • Partner: Services provided to each other
  • Client: Services provided by you to them
• Enter the Data Stored (example: names, addresses, dates of birth, Social Security numbers, telephone numbers, email addresses, fingerprints, facial images, medical records, diagnoses, lab reports,Billing records, insurance claims, enrollment details, treatment plans, etc.)
  • List out the specific PHI that this inventory has access to

    • 📘

      The 18 PHI Identifiers | Blog

• Select the Risk Level: High, Medium, or Low
• Enter the Contact Information for the person who will sign future BAAs for this organization. Enter their...
  • Email
  • First Name
  • Last Name

👍

Congratulations! You are one step closer to being HIPAA compliant. In your dashboard, your HIPAA score should have moved a little bit closer to 100%.

Next Steps

• How to Upload an Existing BAA
• How to Setup your Company Signatory
• How to Setup your BAA Template
• How to Send a BAA