A software company that my organisation uses is a self certified HIPAA compliant facility. Should I still have a BA contract signed with them?

YES.  Since they are handling your ePHI data, it is a federal regulation to have BA contract with them.

Share this in :
  •  
  •  
  •  
  •  

Subscribe for Updates