HIPAA compliance
Workforce AI is HIPAA compliant. If your firm handles protected health information (PHI), we will sign a Business Associate Agreement with you and handle that data under the safeguards below.
HIPAA compliance
Workforce AI is HIPAA compliant. If your firm handles protected health information (PHI), we will sign a Business Associate Agreement with you and handle that data under the safeguards below.
What HIPAA means for your firm
HIPAA is the U.S. law that governs how protected health information is handled. If your firm creates, receives, or maintains PHI and you use Workforce AI to help process it, we act as your business associate. That relationship is governed by a signed Business Associate Agreement (BAA), which sets out how we may use PHI, how we safeguard it, and what happens if something goes wrong.
Our safeguards
We maintain administrative, physical, and technical safeguards designed to meet the HIPAA Security Rule.
Business Associate Agreement
We offer a BAA to customers who need one. It defines the permitted uses of PHI, our safeguards, our breach-reporting duties, our handling of subcontractors, and the return or destruction of PHI when our work ends. Read the summarized terms on our Business Associate Agreement page, or request the countersigned version below.
Breach notification
If we discover a breach of unsecured PHI, we will notify you without unreasonable delay and within the timeframe set in your BAA, and cooperate with you on your own notification obligations.
Subcontractors and sub-processors
Where a subcontractor may handle PHI on our behalf, we require it to agree to protections at least as strict as those in your BAA. Our current providers are listed on the sub-processors page.
Your responsibilities
HIPAA is a shared responsibility. You are responsible for configuring access appropriately, controlling who on your team can see PHI, obtaining any patient authorizations you need, and using the product within the terms of your BAA. We handle the safeguards on our side; you govern the data you put in.
Request a BAA
Email privacy@hireworkforce.ai or contact us and we will send the agreement for signature. This page is a plain-language summary and does not replace the executed BAA or your service agreement.
What HIPAA means for your firm
HIPAA governs how protected health information is handled. If your firm handles PHI and uses Workforce AI to help process it, we act as your business associate, under a signed Business Associate Agreement (BAA).
Our safeguards
Administrative: security policies, workforce training, access reviews, and vendor due diligence.
Physical: hosted with cloud providers whose data centers carry their own physical-security controls.
Technical: encryption in transit (TLS 1.3) and at rest (AES-256), role-based access, audit logging, and per-customer isolation.
Business Associate Agreement
We offer a BAA to customers who need one. Read the summarized terms on our BAA page, or request the countersigned version below.
Breach notification
If we discover a breach of unsecured PHI, we notify you without unreasonable delay and within the timeframe set in your BAA, and cooperate on your notification obligations.
Subcontractors
Any subcontractor that may handle PHI must agree to protections at least as strict as your BAA. Current providers are on the sub-processors page.
Your responsibilities
You control who on your team can see PHI, obtain any patient authorizations you need, and use the product within your BAA. We handle the safeguards on our side; you govern the data you put in.
Request a BAA
Email privacy@hireworkforce.ai or contact us. This page is a plain-language summary and does not replace the executed BAA.
Talk to a real person.
We will walk you through the BAA and how PHI is protected.