Business associate agreement (BAA)

Last updated: August 26, 2025

Overview

Our Business Associate Agreement ensures that Clarify meets the requirements of the Health Insurance Portability and Accountability Act (HIPAA) when handling Protected Health Information (PHI) on behalf of covered entities.

Who Needs a BAA?

A BAA is required if your organization:

  • Is a HIPAA-covered entity (healthcare providers, health plans, healthcare clearinghouses)
  • Is a business associate of a covered entity
  • Processes, stores, or transmits Protected Health Information (PHI) using Clarify

What's Included

Our BAA covers:

Safeguards: Implementation of administrative, physical, and technical safeguards to protect PHI

Use and Disclosure: Limitations on how PHI can be used and disclosed

Breach Notification: Procedures for notifying you of any security incidents

Subcontractors: Requirements for our subcontractors who may access PHI

Access and Audit: Your rights to access and audit our compliance measures

Data Return: Procedures for returning or destroying PHI at contract termination

Security Measures

Clarify implements comprehensive security measures including:

  • End-to-end encryption for data in transit and at rest
  • Access controls and authentication protocols
  • Regular security audits and assessments
  • Employee training on HIPAA compliance
  • Incident response procedures

Availability

Clarify's BAA is available for customers on the Growth plan or higher.How to Request a BAATo request a signed BAA:

  1. Ensure you are on the Growth plan or above
  2. Contact your account manager or email sales@clarify.ai
  3. Provide your organization details and use case
  4. Our legal team will prepare and send the agreement for execution

Questions?

For questions about our BAA or HIPAA compliance, please contact our compliance team at legal@clarify.ai.