Yes. Because we support systems that store, transmit, and secure protected health information on your behalf, a Business Associate Agreement is a required and standard part of working with us. The BAA defines how we safeguard PHI, how breaches are reported, and the responsibilities each side carries under HIPAA. We are experienced with the layered BAA relationships answering services live in, since you hold BAAs with your client practices and we hold one with you, and we make sure our safeguards actually satisfy what those agreements promise.