HIPAA / BAA

Business Associate Agreement

EDNA offers a BAA for covered entities and business associates who require one under HIPAA.

Who Needs a BAA with EDNA?

Under HIPAA, a Business Associate Agreement is required when a covered entity shares Protected Health Information (PHI) with a service provider (business associate). If your organization is a HIPAA-covered entity — such as a hospital, health system, or medical group — and you are using EDNA to manage provider credential data that includes PHI, a BAA may be required.

What EDNA's BAA Covers

Permitted uses and disclosures of PHI by EDNA
EDNA's obligations to safeguard PHI
Breach notification obligations and timelines
Subcontractor requirements (Supabase, Stripe, Netlify)
Return or destruction of PHI upon termination

EDNA's HIPAA Posture

EDNA is designed to be HIPAA-Ready. We maintain administrative, physical, and technical safeguards appropriate for a platform handling healthcare professional credential data. Our infrastructure partners (Supabase, Netlify, Stripe) maintain their own compliance programs.

Note: EDNA's BAA template is currently being finalized with legal counsel. Hospital and health system customers requiring a BAA prior to deployment should contact us directly to initiate the process.

Request a BAA

To request a Business Associate Agreement, contact:

legal@ednaknows.com
Marodi Digital Automation LLC · Coeur d'Alene, ID

Please include your organization name, contact information, and your anticipated go-live date. We will respond within 2 business days.

Business Associate Agreement

Who Needs a BAA with EDNA?

What EDNA's BAA Covers

EDNA's HIPAA Posture

Request a BAA

Related Resources