BUSINESS ASSOCIATE AGREEMENT FOR ELECTRONIC DATA EXCHANGE

This Letter of Agreement (“LOA”) by and between Van Lang IPA (“IPA”) and Participating Provider or Provider Employee(s) or Provider Contractor(s) (“Provider”), is made effective pursuant to Section 17 or the Health Insurance Portability and Accountability Act (“HIPAA”) Business Associate Addendum of the provider services agreement (“Agreement”) first entered between both parties.

Whereas, IPA and Provider desire to send and receive confidential electronic data pertinent to the business of conducting health care and administrative services, specifically, but not limited to, on-line access to member eligibility, document management for credentialing, managing health plans’ gaps in care reports, Provider hereto agrees to the following:

A) Provider shall make best efforts to adhere to HIPAA (Health Insurance Portability and Accountability Act of 1996) regulations promulgated and ensure that equipment, software and devices utilized by Provider or delegated Business Associate be safeguarded and secure against unauthorized use or access;

B) Provider shall ensure that equipment, software and devices utilized be assessed periodically to mitigate possible breaches of security, up to and including, utilization of virus scans and protective firewalls;

C) Provider shall ensure its staff and/or delegated business associate assigned to conduct such data interchange has executed a confidentiality agreement and has received appropriate training to safeguard elements of HIPAA, up to and including, the safeguarding of passwords;

D) Any breach to the provisions of this LOA that is not curable within thirty (30) days of notification by IPA/MG to Provider shall null and void this agreement, and IPA shall immediately rescind and terminate electronic utilization and access to Provider.

VAN LANG IPA - BUSINESS ASSOCIATE AGREEMENT

Van Lang IPA