Effective Date: Upon acceptance via checkbox during account registration.
This Business Associate Agreement (“Agreement” or “BAA”) is entered into by and between Revmaxx LLC (“Business Associate”) and the user of the Revmaxx application who creates an account and accepts this Agreement by checking the acceptance box (“Covered Entity”), and is effective as of the date of such acceptance (the “Effective Date”).
This BAA governs the use and disclosure of Protected Health Information (“PHI”) by Revmaxx LLC in compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (45 CFR Parts 160 and 164), and the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”).
By accepting this BAA, Covered Entity and Business Associate agree to comply with all applicable laws and regulations relating to the privacy and security of PHI.
All capitalized terms used but not otherwise defined in this Agreement shall have the meanings set forth in HIPAA and the HITECH Act.
a. Permitted Uses and Disclosures
Business Associate may use and disclose PHI as necessary to provide its AI-powered medical scribe services, as outlined in the Terms of Use, or as required by law.
b. De-identification of Data
Revmaxx LLC may de-identify PHI in accordance with 45 CFR §164.514 and may use or disclose such de-identified data for analytics, research, or service improvement.
c. Safeguards
Business Associate will implement appropriate technical, administrative, and physical safeguards to protect the confidentiality, integrity, and availability of PHI.
d. Reporting
Business Associate shall promptly report any unauthorized use or disclosure of PHI, including any data breach, to Covered Entity within 10 business days of discovery.
e. Subcontractors
Any subcontractors who access PHI must agree in writing to abide by the same restrictions and conditions as required under this Agreement.
f. Access and Amendment
Business Associate shall provide access to and amend PHI in a designated record set as required under 45 CFR §§ 164.524 and 164.526.
g. Accounting of Disclosures
Business Associate will document disclosures of PHI and provide information necessary for an accounting of disclosures under 45 CFR § 164.528.
h. Internal Practices and Records
Business Associate shall make its privacy-related practices and records available to the Secretary of HHS for compliance investigations.
i. Minimum Necessary
Revmaxx LLC will use and disclose only the minimum PHI necessary to perform its duties.
a. Safeguards
Covered Entity shall use appropriate safeguards when transmitting PHI to the Business Associate.
b. Limitations and Instructions
Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under HIPAA.
c. Changes and Restrictions
Covered Entity agrees to notify Business Associate of any changes to privacy practices, individual permission changes, or restrictions that impact Revmaxx’s use of PHI.
a. Term
This BAA is effective from the date the user checks the acceptance box and continues until all PHI is destroyed or returned.
b. Termination for Cause
Either party may terminate this BAA upon knowledge of a material breach by the other party if such breach is not cured within 30 days of written notice.
c. Effect of Termination
Upon termination, Revmaxx LLC shall return or destroy all PHI unless return or destruction is infeasible, in which case the PHI will be protected as required under this Agreement.
Revmaxx LLC agrees to notify the Covered Entity without unreasonable delay, but no later than 10 days following discovery of a breach of Unsecured PHI, and to provide all information required for the Covered Entity to comply with breach notification obligations under the HITECH Act.
This Agreement may be amended to comply with future legal or regulatory changes. Revmaxx LLC may update this Agreement and will notify users of material updates.
Nothing in this BAA is intended to confer any rights or remedies to any third party.
This Agreement shall be governed by and interpreted in accordance with the laws of the United States and applicable HIPAA regulations.
By checking the acceptance box during registration, you agree to the terms of this Business Associate Agreement.
No credit card required – get started in minutes
AI medical scribe to automate clinical notes documentation
Imagine a world where your time is spent connecting with patients, not struggling with documentation.
With RevMaxx, we’ve simplified clinical documentation so you can type less and care more. Say goodbye to burnout and hello to efficient, accurate notes in just minutes.
