Effective for all PracticeIQ360 subscribers · Last updated: March 2026
A signed BAA is automatically included with all PracticeIQ360 subscriptions. To request a countersigned copy or to execute a custom BAA, contact compliance@practiceiq360.com.
Business Associate (BA): PracticeIQ360, Inc. Covered Entity (CE): The subscribing medical practice. PHI and ePHI have the meanings set forth in 45 C.F.R. §§ 160.103 and 164.304.
PracticeIQ360 may use and disclose PHI only as necessary to perform services described in your subscription agreement, as required by law, or as otherwise permitted by HIPAA. We will not use PHI for marketing or sell PHI to third parties.
We implement and maintain appropriate administrative, physical, and technical safeguards to protect ePHI as required by the HIPAA Security Rule (45 C.F.R. Part 164, Subpart C), including encryption at rest and in transit, access controls, audit logging, and workforce training.
PracticeIQ360 requires all subcontractors that receive or process PHI on our behalf to execute a Business Associate Agreement providing equivalent protections to those in this agreement.
In the event of a Breach of Unsecured PHI, PracticeIQ360 will notify the Covered Entity within 60 calendar days of discovery, in accordance with 45 C.F.R. § 164.410.
Upon request, PracticeIQ360 will make PHI available to support the Covered Entity in fulfilling individual rights requests (access, amendment, accounting of disclosures) under 45 C.F.R. §§ 164.524, 164.526, and 164.528.
This BAA remains in effect for the duration of the subscription. Upon termination, PracticeIQ360 will return or securely destroy all PHI within 90 days, unless retention is required by law.
For compliance and BAA inquiries: compliance@practiceiq360.com