Business Associate Agreement
ReviewBox is committed to HIPAA compliance and offers Business Associate Agreements for customers who handle Protected Health Information.
BAA Available
A signed HIPAA Business Associate Agreement is available for enterprise customers. Contact our team to discuss your compliance requirements and obtain a BAA.
Contact Us for BAAWhat our BAA covers
- • All PHI processed through the ReviewBox platform
- • AWS infrastructure under AWS's own HIPAA BAA (S3, RDS, ECS, Bedrock)
- • Encryption in transit (TLS 1.2+) and at rest (AES-256)
- • Breach notification, access controls, and audit logging
- • AI processing via Amazon Bedrock (no model training on your data)