HIPAA · Business Associate

Business Associate Agreement.

Healthcare customers who handle Protected Health Information (PHI) need a BAA in place before deployment. Contact us to request execution — our team will send a countersigned BAA typically within one business day.

Request a BAA

Email us with your organisation's legal name, jurisdiction of incorporation, and the full name and title of your authorised signer. We'll prepare and return a countersigned BAA.

Email us to request a BAA Ask in support chat

What's in the BAA

Permitted uses

Nutan may process PHI only to perform the services — no secondary use, no training on your data.

Safeguards

Industry-standard strong encryption, access controls, and audit logging, all running on-device by default.

Breach notification

72-hour notification SLA for any confirmed incident affecting PHI.

Return or destruction

Upon termination, PHI is destroyed on request, with attestation.