In most cases, the lack of a Business Associate Agreement is the first indication that your IT company may be overstating its capabilities and services.
We recommend a simple test to see if they are, in fact, in compliance with HIPAA - have them complete our Business Associate Attestation Form _HIPAA Security_.pdf (located in EPICompliance Customer Console > Forms and Policies > HIPAA Security > PDF Forms).
This form will provide you with the necessary assurances to recognize if they are following HIPAA regulations.
If this cannot be done, we recommend the following:
- Sign a HIPAA-compliant agreement, or
- Cancel the contract and look for another subcontractor.
Regardless of the decision, EPICompliance is here to support and assist you.
For questions or concerns, contact us via the following:
- Chatbox/window on your Complete Compliance Suite screen.
- Telephone: 877-560-4261
- Email: firstname.lastname@example.org