Schedule a Demo

Schedule a Demo

Business Associate Agreement (BAA)

Effective Date: July 5, 2025
Last Updated: February 24, 2026

Intro / Overview

AIdMD provides healthcare technology products used by clinicians, practices, and healthcare organizations, including:

  • AIdMD EHR

  • AIdMD Insights Enterprise

  • AIdMD Insights Lite

When AIdMD processes protected health information (PHI) on behalf of a covered entity or business associate, we can support that use under a Business Associate Agreement (BAA), subject to product configuration, use case, and contracting requirements.

This page provides a general summary of our BAA approach and PHI handling practices. It is for informational purposes only and does not replace a signed agreement.

When a BAA May Apply

A BAA may be appropriate when a customer uses AIdMD to create, receive, maintain, or transmit PHI on behalf of a covered entity or business associate, including certain deployments of:

  • AIdMD EHR (AI-native EHR workflows)

  • AIdMD Insights Enterprise (EHR-connected AI workflows)

  • AIdMD Insights Lite (when used with PHI, including manual uploads, depending on plan and configuration)

Whether a BAA is required depends on your organization’s role, your intended use of the product, and the types of data processed.

High-Level PHI and Security Practices

AIdMD is designed to support secure clinical use and HIPAA-aligned deployments. Depending on the product and implementation, AIdMD supports safeguards such as:

  • Encryption in transit and at rest

  • Role-based access controls

  • Audit logging

  • Access management and authentication controls

  • Operational monitoring and security practices

  • Clinician review / human oversight in workflow execution

PHI is not used to train public AI models.

If true, optionally add:
Additional safeguards and configuration controls may be available based on product tier and deployment needs.

Product Notes (BAA Eligibility by Product)

AIdMD EHR

AIdMD EHR is designed for clinical workflows and may process PHI as part of core EHR and AI-assisted documentation workflows. BAAs are available for eligible customers using AIdMD EHR in production clinical environments.

AIdMD Insights Enterprise

AIdMD Insights Enterprise is designed to integrate with existing EHRs and clinical systems and may process PHI to support chart-aware AI workflows. BAAs are available for eligible enterprise deployments.

AIdMD Insights Lite

AIdMD Insights Lite can be used as a standalone clinician tool and may support manual uploads. If you plan to use Insights Lite with PHI, please contact AIdMD to confirm plan eligibility, configuration requirements, and whether a BAA is required for your use case.

What a BAA Summary Does (and Does Not) Cover

This page summarizes:

  • whether AIdMD can support BAAs

  • general PHI handling posture

  • product-level considerations

This page does not:

  • create a legal BAA

  • modify contract terms

  • provide legal advice

  • replace a signed agreement between your organization and AIdMD

A BAA becomes effective only when executed by authorized representatives of the applicable parties.

How to Request a BAA

If your organization requires a BAA, contact us with the following information:

  • Organization name

  • Product(s) you plan to use (EHR, Insights Enterprise, Insights Lite)

  • Intended use case (e.g., documentation, AI scribe, chart review, workflow support)

  • Whether you will process PHI

  • Target timeline for deployment

CTA Buttons

  • Contact Sales

  • Request a BAA Review

Suggested Short FAQ (on the same page)

Do all AIdMD customers need a BAA?

No. A BAA is typically required only when AIdMD will process PHI on behalf of a covered entity or business associate in a manner that triggers HIPAA business associate obligations.

Is a BAA available for AIdMD Insights Lite?

It may be, depending on how you plan to use Insights Lite and whether PHI is involved. Contact AIdMD to confirm eligibility and requirements for your plan and use case.

Does signing a BAA make AIdMD responsible for clinical decisions?

No. AIdMD provides technology to support clinical workflows. Clinicians and healthcare organizations remain responsible for patient care decisions, documentation review, and compliance with applicable laws and professional obligations.

Does AIdMD use PHI to train public AI models?

No. AIdMD does not use patient data or PHI to train public AI models.


This page is provided for informational purposes only and does not constitute legal advice or a contractual commitment. BAA availability, scope, and terms are subject to product, deployment model, customer use case, and execution of applicable agreements.