Last updated: November 2025
This HIPAA Business Associate Agreement applies when Seranova, operated by HRZ Solutions, LLC DBA Dream Beyond Technologies, LLC, acts as a Business Associate to a Covered Entity under the Health Insurance Portability and Accountability Act and related rules.
1. Definitions
- Covered Entity means the healthcare provider or organization that uses Seranova and is subject to HIPAA.
- Business Associate means HRZ Solutions, LLC DBA Dream Beyond Technologies, LLC, operating Seranova.
- PHI means protected health information as defined by HIPAA.
2. Permitted Uses and Disclosures
- We may use and disclose PHI only as necessary to provide the Seranova services to you as the Covered Entity.
- We may use PHI for proper management, administration, and to meet legal obligations, as allowed by HIPAA.
- We will not use or disclose PHI in any way that would violate HIPAA if you performed the same action.
3. Safeguards and Security
- We implement administrative, physical, and technical safeguards to protect PHI from unauthorized use or disclosure.
- We apply access controls and, where appropriate, encryption for PHI in transit and at rest.
- We ensure that workforce members who handle PHI are trained and bound by confidentiality obligations.
4. Reporting of Breaches and Security Incidents
- We will report any known security incident or breach of unsecured PHI to you without undue delay after discovery.
- We will provide information you reasonably need to comply with your breach notification obligations under HIPAA.
5. Subcontractors
- We require subcontractors that create, receive, maintain, or transmit PHI on our behalf to agree in writing to the same restrictions and safeguards that apply to us.
6. Access, Amendment, and Accounting
- When PHI is stored in Seranova, we will help you respond to requests by individuals to access or amend their PHI, as required by HIPAA.
- We will maintain records of disclosures of PHI where needed so you can provide an accounting of disclosures.
7. Term and Termination
- This Agreement remains in effect while we provide services involving PHI to you.
- If the main services agreement ends, this Agreement will also end except for obligations that must continue by law.
- Upon termination, we will return or destroy PHI where feasible, or continue to protect it if destruction is not feasible.
8. Priority of Terms
If there is a conflict between this HIPAA Business Associate Agreement and the main Terms of Service, this Agreement controls with respect to the use and protection of PHI.