Legal
Business Associate Agreement
Last updated January 1, 2026
The BAA Salus AI signs with every covered-entity customer.
Purpose
Salus AI acts as a Business Associate under HIPAA when handling Protected Health Information (PHI) on behalf of a Covered Entity. This standard BAA governs that relationship and is executed before any PHI is transmitted.
Permitted Uses
Salus may use and disclose PHI only as necessary to perform services described in the underlying agreement, or as required by law.
Safeguards
Salus implements administrative, physical, and technical safeguards required by 45 CFR §§164.308, 164.310, and 164.312, including encryption in transit and at rest, access controls, and audit logging.
Subcontractors
Salus ensures any subcontractor that receives PHI signs a written agreement with terms substantially similar to this BAA.
Breach Notification
Salus will notify the Covered Entity of any breach of Unsecured PHI without unreasonable delay and no later than 60 days after discovery.
Term & Termination
This BAA is effective on execution and terminates when all PHI is returned or destroyed, or, if infeasible, protections are extended indefinitely.
Request a Signed Copy
Email compliance@salus.ai to receive an executable copy for signature.
EHR & PM Integrations
We integrate with every EHR across North America.
Epic, Cerner, Athena, eClinicalWorks, Jane, OSCAR, TELUS Health — if your practice runs on it, Salus writes back to it.