HIPAA | The Library

Technical deep-dives into HIPAA, HITECH, and HITRUST requirements. This resource provides specific configuration guides for PHI protection, Business Associate Agreement (BAA) negotiation strategies, and technical safeguards for health-tech innovators.

All AI GovernanceCloud SecurityCybersecurityGRC EngineeringHIPAASOC 2
Business Associate Agreement BAA: Featured image for josefkamara.com Healthcare Compliance article
HIPAA

What Is a Business Associate Agreement (BAA)?

December 17, 2025 | 11 min read

Before the 2013 HIPAA Omnibus Rule, Business Associates operated in a regulatory gray zone. Covered entities signed agreements. Vendors accepted them. HHS had no direct enforcement authority over the vendors themselves. When Advocate Medical Group...

Read the Guide