Compliance
Business Associate Agreement (BAA)
Under HIPAA, a covered entity must have a signed Business Associate Agreement with any vendor that creates, receives, maintains, or transmits PHI on its behalf. EMRxAI provides a BAA to every customer that needs one.
What is a BAA?
A Business Associate Agreement is a contract required by the HIPAA Privacy and Security Rules. It establishes the permitted and required uses of PHI by a business associate (such as EMRxAI) and obligates the business associate to implement appropriate safeguards. When you use EMRxAI to manage patient records, we act as your business associate, and the BAA defines how we protect and handle that information.
What our BAA covers
- Permitted uses and disclosures of Protected Health Information (PHI)
- Safeguards EMRxAI maintains to protect PHI
- Reporting of security incidents and breaches of unsecured PHI
- Obligations regarding subcontractors that may access PHI
- Your rights to access, amend, and account for PHI
- Return or destruction of PHI upon termination of services
Request a BAA
New and prospective customers can request a copy of our BAA for review at any time. Reach out and our team will provide the agreement and walk you through it.
Request our BAAThis page is provided for general informational purposes and is not legal advice. The executed BAA between EMRxAI and your organization governs the parties' obligations with respect to PHI.