Legal
Business Associate Agreement
Last updated: May 1, 2026
Klaxar Inc. signs a HIPAA Business Associate Agreement (BAA) with every covered entity using the platform to handle Protected Health Information. Our standard BAA template is available pre-signature on request.
What our BAA covers
- Permitted uses + disclosures of PHI
- Security safeguards (administrative, physical, technical)
- Breach notification obligations + timelines
- Sub-contractor flow-down requirements
- Termination + data return / destruction
- Audit + records access by covered entity
Sub-processors with BAAs
Our HIPAA-eligible sub-processors with countersigned BAAs include: Supabase, Anthropic, Resend, Twilio, Stripe. Full sub-processor list available under NDA in our Security Whitepaper.
BAA terms are negotiable on Enterprise contracts. Some larger covered entities require their own BAA template, which we'll review and counter-sign promptly.