Who is solely responsible for decisions regarding the safeguarding of PHI for Degree Wellness?

According to Degree Wellness's 2025 Franchise Disclosure Document, the Business Associate, which in this case is the franchisee, bears the sole responsibility for all decisions regarding the safeguarding of Protected Health Information (PHI). This allocation of responsibility is detailed within the Business Associate Agreement included as Exhibit J to the franchise agreement.

This means that as a Degree Wellness franchisee, you are independently accountable for establishing and maintaining appropriate safeguards to protect patient data in accordance with HIPAA, the HITECH Act, and other relevant regulations. This includes implementing administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of electronic PHI (ePHI) that you create, receive, maintain, or transmit on behalf of the Covered Entity (Wellness Provider Therapies, P.A.).

Degree Wellness makes no warranty or representation that your compliance with the Business Associate Agreement, HIPAA, the HIPAA Regulations, or the HITECH Act will be adequate or satisfactory for your own purposes. It is your responsibility to ensure that your practices meet all legal requirements. You are also responsible for the effects, outcomes, and consequences of your acts and omissions and the acts and omissions of your employees, representatives, and agents in connection with or relating to the operation of your franchised business.