SkyKick conforms to all the HIPAA requirements of a Business Associate. It can therefore sign and fulfill the elements contained in its Business Associate Agreement (BAA) (once completed and signed by a covered entity performing the migration). The BAA contains the elements specified at 45 CFR 164.504€, including:
A description of the permitted and required uses of protected health information by SkyKick.
The provision that SkyKick will not use or further disclose the protected health information other than as permitted or required by the contract or as required by law
Requirements to use appropriate safeguards to prevent a use or disclosure of the protected health information other than as provided for by the contract.
For more information, see HIPAA Compliant Migrations.