📘

Review What is a BA? to learn more about what should be added in this step.

Steps

1. Search Common Vendors
2. Add a BA

1. Search Common Vendors

From the Dashboard, hover over the Third Parties tab > Select Manage Third Parties

Select Common Vendors

Search by name in the search field, or scan through the vendors and simply click "add vendor"

📘

The purpose of documenting information about your BAs is to document what parties you work with, and what information they have access to. In the event of a data breach, this will help you quickly and specifically identify the depth and breadth of the issue to ensure that you respond appropriately.

2. Add a BA manually

• Enter the Company Name of the BA
• Optionally, enter their website
• Select their Third Party Type: Vendor, Partner, or Client
• Enter a brief description of the Service Provided
  • Vendor: Services provided to you by them
  • Partner: Services provided to each other
  • Client: Services provided by you to them
• Enter the Data Stored in a comma separated list (List of 18 PHI Identifiers)
  • List out the specific PHI that this inventory has access to

    • 📘

      The 18 PHI Identifiers | Blog

• Select the Risk Level: High, Medium, or Low
• Enter the Contact Information for the person who will sign future BAAs for this organization. Enter their...
  • Email
  • First Name
  • Last Name

👍

Congratulations! You are one step closer to being HIPAA compliant. In your dashboard, your HIPAA score should have moved a little bit closer to 100%.

Next Steps

• How to Upload an Existing BAA
• How to Setup your Company Signatory
• How to Setup your BAA Template
• How to Send a BAA