A BAA, or Business Associate Agreement, is a legally binding contract required by HIPAA for healthcare-related entities that handle Protected Health Information (PHI). It ensures that third-party “business associates,” such as billing companies or IT vendors, properly safeguard patient data and protect it from unauthorized use or disclosure.

When you sign on with ChiroUp, you will sign ChiroUp's standard BAA. We cannot accommodate signing a BAA specifically built by/for any specific clinic.

Nearly all EHR companies, including ChiroUp, use a standard BAA that is written to match the security systems, workflows, and legal requirements of the software. This isn’t something unique to ChiroUp. It’s actually how the entire healthcare tech industry operates. Because every clinic has a different version of a BAA, reviewing or negotiating each one would require extensive legal work, slow down onboarding, and often introduce requirements that conflict with how secure systems are built. Our BAA follows the federal template, includes all required HIPAA protections, and has been carefully written to cover everything needed for both parties. For those reasons we exclusively use the standard version that all subscribers sign