Eclipse EMR
Back to Home

Business Associate Agreement

HIPAA Compliance & Protected Health Information

HIPAA Compliant

Our BAA ensures full compliance with HIPAA regulations for protecting PHI.

Standardized Agreement

We provide a comprehensive BAA that meets all regulatory requirements.

What is a Business Associate Agreement?

A Business Associate Agreement (BAA) is a legally binding contract required by the Health Insurance Portability and Accountability Act (HIPAA) between a covered entity (such as a correctional healthcare facility) and a business associate (such as Eclipse EMR) that creates, receives, maintains, or transmits Protected Health Information (PHI) on behalf of the covered entity.

Eclipse EMR as a Business Associate

As a provider of electronic medical records services to correctional healthcare facilities, Eclipse EMR operates as a business associate under HIPAA. We take this responsibility seriously and have implemented comprehensive policies, procedures, and technical safeguards to protect the PHI entrusted to us.

Our BAA Commitments

Our Business Associate Agreement includes commitments to:

  • Use and disclose PHI only as permitted by the agreement and applicable law
  • Implement appropriate administrative, physical, and technical safeguards
  • Report any security incidents or breaches promptly
  • Ensure subcontractors agree to the same restrictions and conditions
  • Make PHI available for individual access requests
  • Support amendment requests and maintain an accounting of disclosures
  • Return or destroy PHI upon termination of the agreement
  • Allow the covered entity to terminate the agreement for material breaches

Security Safeguards

Administrative Safeguards

Security management processes, workforce training, access management policies, and incident response procedures.

Physical Safeguards

Facility access controls, workstation security, device and media controls in our data centers.

Technical Safeguards

Access controls, audit controls, integrity controls, transmission security, and encryption at rest and in transit.

Breach Notification

In the event of a security incident or breach involving PHI, Eclipse EMR will notify the covered entity within 24 hours of discovery. We will provide all information necessary for the covered entity to fulfill its breach notification obligations and will cooperate fully in any investigation and remediation efforts.

Subcontractor Management

Eclipse EMR requires all subcontractors who may have access to PHI to enter into BAAs with equivalent protections. We maintain strict oversight of our subcontractors and regularly assess their compliance with HIPAA requirements and our security standards.

Important Notice

A signed Business Associate Agreement is required before Eclipse EMR can process, store, or transmit any Protected Health Information on your behalf. Please contact our compliance team to initiate the BAA process before implementation.

Request a BAA

To request a Business Associate Agreement or to discuss HIPAA compliance requirements, please contact our compliance team:

Eclipse EMR Compliance Team

Email: sales@eclipsemr.com

Phone: +1 800-442-5441

Address: 2058 Classique Ln, Tavares, FL 32778, United States

Contact Us to Get Started