• Text Resize A A A
  • Print Print
  • Share Share on facebook Share on twitter Share

Instead of entering into a contract, can business associates self-certify or be certified by a third party as compliant with the HIPAA Privacy Rule?


No. A covered entity is required to enter into a contract or other written arrangement with a business associate that meets the requirements at 45 CFR 164.504(e).


Created 12/19/02


Content created by Office for Civil Rights (OCR)
Content last reviewed on July 26, 2013
Back to Top