HIPAA Notice of Privacy Practices


HIPAA Notice of Privacy Practices

Question:  Are the following entities considered "business associates" under the HIPAA Privacy Rule: US Postal Service, United Parcel Service, delivery truck line employees and/or their management?

Answer: No, the Privacy Rule does not require a covered entity to enter into business associate contracts with organizations, such as the US Postal Service, certain private couriers and their electronic equivalents that act merely as conduits for protected health information. A conduit transports information but does not access it other than on a random or infrequent basis as necessary for the performance of the transportation service or as required by law. Since no disclosure is intended by the covered entity, and the probability of exposure of any particular protected health information to a conduit is very small, a conduit is not a business associate of the covered entity.

Bluegrass Medical Courier & Logistics complies with HIPPA and State privacy laws (whichever holds the higher standards is the one that prevails).

In some situations, we enter into a business associate contract with the Company (our customer) providing medications, materials, and equipment to consumers, if:

  1. The Health Center (employer) releasing/disclosing Personal Health Information (PHI)?
  2. Does the receiver (recipient) of this PHI provide a service to/on behalf of your Health Center?

Any company answering YES to both of these questions is required to have a HIPPA Business Associate Agreement (BAA).

Contact Bluegrass Express for more information about courier services!

Contact Bluegrass Express Courier & Logistics today for a quote!