Business Associate Agreements for HIPAA – Top Ten Points to Know

06/25/2026
Live Webinar

Under HIPAA, business associate agreements (BAAs) are critical legal contracts that govern how a covered entity ensures the privacy and security of protected health information (PHI) when certain functions are outsourced to a third party that is not otherwise a covered entity.

A covered entity, such as a health care provider, health plan, or health care clearinghouse, must obtain satisfactory assurances from its business associates that PHI will be appropriately safeguarded when the associate performs services involving PHI on behalf of the covered entity. These BAAs are mandated by the HIPAA Privacy and Security Rules and form a central part of HIPAA compliance programs.

A business associate is any person or organization that creates, receives, maintains, or transmits PHI on behalf of a covered entity. This includes third-party administrators, billing companies, data storage and cloud services, consultants, and many others. Even a contractor that cannot view PHI, such as a cloud service provider that stores encrypted data, may still be a business associate if it creates, receives, maintains, or transmits PHI as part of its service functions.

An exception is conduit services such as USPS, FedEx, and UPS. Conduit services are limited to vendors that only transmit PHI and do not further store any sensitive information. Because of this, most cloud-based services qualify as business associates, since they both transmit and store data.

The BAA must clearly set forth the permitted and required uses and disclosures of PHI by the business associate and prohibit inappropriate uses. The contract must also require the business associate to implement appropriate administrative, physical, and technical safeguards to protect electronic PHI, in alignment with HIPAA’s Security Rule. In addition, the covered entity must ensure that any subcontractors who create, receive, maintain, or transmit PHI agree to the same restrictions and conditions that apply to the business associate.

Although HIPAA does not require a business associate to create its own Notice of Privacy Practices, covered entities must ensure that the business associate’s use and disclosure of PHI are consistent with the practices outlined in the covered entity’s own overarching privacy notice. The covered entity may also use a business associate to help distribute said notice.

A BAA may be combined with a data use agreement (DUA) when both types of agreements apply. For instance, in situations involving a limited data set with direct identifiers, a single agreement can satisfy the regulatory requirements for both the BAA and the DUA, as long as the terms adequately address HIPAA’s protections and the obligations of both parties.

HIPAA also permits business associate contracts in electronic form, including electronic signatures, provided they satisfy applicable state law, even though HIPAA itself does not prescribe specific electronic signature standards. This flexibility can help streamline processes and storage, but is state dependent.

In summary, BAAs are a foundational element of HIPAA compliance for covered entities and their partners. They define roles, responsibilities, and safeguards for PHI, and ensure HIPAA protections extend through the entire healthcare information ecosystem.

Areas Covered in the Session

  • Definition of Covered Entities and Business Associates
  • Who Is a Business Associate?
  • Core Required Elements of a Business Associate Agreement
  • Consistency With Covered Entity Notice of Privacy Practices
  • Business Associate Obligations & Individual Rights
  • Compliance Enforcement & Risk Management
  • How and When Someone is Not a Business Associate
  • The Worst Horror Story You Will Hear About the Lack of a Business Associate Agreement and How a Doctor Got in Trouble

Why Should You Attend?

Learn the basics of what business associates are and the agreement needed to satisfy HIPAA requirements for them.

Who Will Benefit?

Healthcare practitioners who work with other partners, vendors, or third-party services.

Date: 06/25/2026

Time: 12:00 pm - 1:00 pm (EST)

Reg. deadline: 06/24/2026

Venue: Live Webinar

Speaker

Mark R. Brengelman
Mark holds Bachelor’s and Master’s degrees in Philosophy from Emory University and a Juris Doctorate from the University of Kentucky. Retiring as an Assistant Attorney General, he now represents health care professionals; two government health care licensure boards; a government ethics commission; and parents and kids in confidential child abuse and neglect cases, termination of…
