Book a demo

Business associate agreement

Last updated: June 27, 2026

What a Business Associate Agreement is

A Business Associate Agreement (BAA) is a contract required by HIPAA between a covered entity (such as a dental practice) and a business associate (such as a software vendor) that handles protected health information (PHI) on the covered entity's behalf. It sets out how PHI may be used and protected.

DentalCareOS provides a BAA on request

When a dental practice uses DentalCareOS to store or process PHI, DentalCareOS acts as the practice's Business Associate. We will enter into a BAA with covered-entity customers as part of onboarding. If you need a copy for review, we provide our standard BAA on request.

Summary of standard BAA obligations

Our standard BAA commits DentalCareOS to:

  • Use and disclose PHI only as the agreement and HIPAA permit.
  • Apply appropriate administrative, technical, and physical safeguards.
  • Report security incidents and breaches of unsecured PHI to the practice as required.
  • Ensure that subcontractors who handle PHI agree to equivalent protections (flow-down).
  • Make PHI available to support the practice's access and amendment obligations.
  • Return or destroy PHI when the agreement ends, where feasible.

The executed BAA contains the full and controlling terms.

How to request a BAA

To request our standard BAA, contact us at legal@dentalcareos.com or ask your DentalCareOS contact during onboarding. (This contact address is a draft placeholder pending counsel review.)

Informational only

This page is informational only and is not itself a Business Associate Agreement. The BAA you execute with DentalCareOS governs the handling of PHI and controls over this summary.