HIPAA (Health Insurance Portability and Accountability Act) is a federal law that was established in 1996 to protect personal health information and medical records of patients in the United States.
As of April 2024, the Community voice platform was successfully certified to be HIPAA compliant and we are happy to offer BAAs (Business Associate Agreements) to our Customers.
PROCESS
An email needs to be sent to Legal@sangoma.com with the subject line “BAA Request- Customer Name” Customer specific information must include the following:
Legal Name of Customer: this MUST match how the business has been established/ registered or incorporated
Name, Title and Email of Authorized Signatory: since this is a legally binding document, only individuals authorized to represent involved parties are permitted to sign
Physical Address: ideally this is where legal notices may be sent
Attention Name: who the responses will be addressed to within the customers organization- this is typically the Chief Security Officer or Compliance Officer
Email Address for Notices: this would be for legal notices specifically and may differ from signatories above
Note whether this customer intends to subscribe to Call Recording or not
Once the information above is received by the Sangoma Legal team and reviewed, it is processed and sent out to noted authorized signatories electronically (typically by RightSignature)
The electronic document will follow the predetermined path of signatures until it has been signed by all parties
A copy will be to all signing parties upon request and will be maintained by Legal
In the event that the Customer would like to review the verbiage of the BAA prior to being sent out for signatures, it must be mentioned in the email request above and a draft can be furnished as needed. Redlining the BAA is not common practice as it will be catered to specific services.
Return to https://help.sangoma.com/