Most healthcare practices that have adopted AI do have Business Associate Agreements on file. The problem is rarely a missing BAA. It is a BAA that was written for a different kind of vendor relationship and never updated for what an AI tool actually does with patient data.
To see why that matters, it helps to look at what HIPAA requires in its own words.
When an AI vendor is a business associate
Under 45 CFR §160.103, a business associate is, in the operative phrase, a person or entity that — on behalf of a covered entity — "creates, receives, maintains, or transmits" protected health information for a function the rule regulates. (The full definition includes enumerated examples and exceptions; this is the core clause.)
Apply that test to the AI tools in a typical practice. A vendor whose model receives a prompt containing patient information, or maintains that input to improve its service, is creating, receiving, maintaining, or transmitting PHI on your behalf. When that is happening, the vendor falls within the business-associate definition — and the BAA obligation attaches.
The BAA is required, and it has to mean something
HIPAA does not leave the business-associate relationship to a handshake. The Security Rule, at 45 CFR §164.308(b)(1), permits a covered entity to let a business associate handle ePHI "only if the covered entity obtains satisfactory assurances, in accordance with § 164.314(a), that the business associate will appropriately safeguard the information." The Privacy Rule's parallel provision, 45 CFR §164.502(e)(1)(i), uses the same "satisfactory assurance" language for PHI generally. In practice, those assurances are documented through a written contract — the BAA.
What that contract must contain is set out at 45 CFR §164.504(e). Among other things, it requires the agreement to establish the permitted uses and disclosures of PHI, require appropriate safeguards, require the business associate to report unauthorized use or disclosure (including breaches), flow the same restrictions down to subcontractors, and address the return or destruction of PHI at termination. (This is a summary offered for orientation; the binding requirements are the regulatory text itself.)
Where the standard BAA falls short for AI
Here is where the standard BAA most often falls short. A BAA drafted for a conventional SaaS vendor typically governs storage, transmission, and access to PHI. It is usually silent on the questions that define AI risk:
- Training. Does the agreement permit, or prohibit, the vendor from using your prompts and inputs to train or improve its models? A standard BAA often does not say.
- Retention. How long does the vendor keep what it was shown, and in what form? "Permitted uses and disclosures" was written with files in mind, not model inputs.
- Subcontractors. AI vendors frequently route inference through downstream model providers. The flow-down requirement in §164.504(e) only protects you if your agreement actually reaches those parties.
None of these are exotic legal theories. They are the existing §164.504(e) requirements, asked of a vendor whose product behaves differently from the vendors those agreements were drafted for. Our assessment reviews each AI relationship against these requirements and flags where the paper on file does not match what the tool actually does.
What to do with this
If your practice uses AI tools that touch patient information, the question is not "do we have a BAA" — it is "does the BAA we have address how this vendor uses and retains our patients' data." That is answerable. It is also the kind of finding a hospital partner's vendor-security review, or a cyber-insurer at renewal, will expect you to have already made.
An independent assessment inventories your AI vendors, evaluates each against HIPAA's business-associate requirements, and delivers a signed report that a named assessor stands behind. Book a scoping call, or see a sample of what you'd receive.
This article is general information, not legal advice. Verify specific requirements against the current regulatory text and consult counsel for your situation.
