However, the provisions of HITECH also make it possible to audit subcontractors to ensure that they too comply with the data protection and security policies of the law. In essence, a counterparty agreement serves as an agreement between the subcontractor to comply with HIPAA rules and standards — and they understand the consequences of non-compliance. 3.7 Other Considerations. The covered entity undertakes to be solely responsible for ensuring that all contractual relationships it has with other counterparties comply with the data protection and security rules of the HIPC. However, if you have used a template or have only made minor changes to existing agreements, it is best to check the agreements you have registered to ensure that they comply with current legislation. .