Informational placeholder
This is not the full legal Business Associate Agreement. It summarises how MAIA approaches BAA requirements until your organisation receives the official agreement and signature process from our team.
Business Associate Agreement
MAIA may require a signed Business Associate Agreement (BAA) before we process, store, or otherwise handle patient-related information or protected health information (PHI) on your behalf. A BAA documents the responsibilities of both your organisation (as a HIPAA covered entity or downstream covered entity) and MAIA (as a business associate) under applicable privacy and security rules.
Before BAA completion is confirmed
Do not upload or submit PHI through MAIA websites, trial forms, or ad-hoc channels until your MAIA contact confirms that BAA completion (or an approved alternative under your compliance programme) is in place. Use only de-identified or synthetic materials for early discussions unless counsel instructs otherwise.
During onboarding
MAIA will provide the appropriate BAA review and signature process as part of onboarding — including the current template, routing for your legal or privacy office, and any institutional addenda where applicable. Timeline depends on your internal review cycles; we will not ask for production PHI until the path is clear.
Questions
This page does not constitute legal advice. Your privacy officer or counsel should review any BAA or data-use arrangement. For operational questions, contact your MAIA representative after submitting a trial request or use the contact section on the main site.