Wagvioby AgenTeam5Home

Business Associate Agreement (HIPAA)

If you are a HIPAA covered entity (or a business associate) using Wagvio to create, receive, maintain, or transmit Protected Health Information (PHI), you can enter into a Business Associate Agreement (BAA) with AgenTeam5. This page summarizes the terms; request a counter-signed copy via the Contact page.

Summary of terms

Under the BAA, AgenTeam5 (the "Business Associate") agrees to:

  • Use and disclose PHI only as permitted by the agreement, your instructions, or as required by law.
  • Implement administrative, physical, and technical safeguards consistent with the HIPAA Security Rule (45 CFR §164.308, §164.310, §164.312) to protect electronic PHI.
  • Encrypt ePHI in transit (TLS) and at rest, maintain access controls and unique user authentication, and keep an audit log of access to PHI.
  • Report any use or disclosure not provided for by the agreement, and any Security Incident or Breach of unsecured PHI, without unreasonable delay and consistent with 45 CFR §164.410.
  • Ensure that any sub-processors that handle PHI agree to substantially the same restrictions (see sub-processors).
  • Make PHI available for access, amendment, and accounting of disclosures as required by the Privacy Rule, and make records available to HHS for compliance review.
  • On termination, return or destroy PHI where feasible, and otherwise extend protections to any PHI retained.

Your responsibilities (covered entity)

You remain responsible for obtaining any patient authorizations, for the lawful basis of the PHI you process, for configuring access within your workspace appropriately, and for using the service in a HIPAA-compliant manner. You must not send PHI to features or channels not covered by the BAA.

Honest scope note

We operate the HIPAA Security Rule technical safeguards described on our Trust & security page. Where a sub-processor requires its own BAA to cover PHI, we will confirm that coverage is in place for your use case before the agreement is effective. We will tell you plainly if a specific provider cannot offer a BAA for a given feature.

Request a BAA

Use the Contact pagewith subject "BAA request" and your organization details. We will send the agreement for signature.