HIPAA & BAA ยท Secure email
Is LuxSci HIPAA compliant?
Yes. LuxSci provides a standard HIPAA Business Associate Agreement that customers with HIPAA accounts must read, sign, and return before using its HIPAA-eligible services with PHI.
Key facts
- BAA available: Yes โ with a signed BAA
- What it takes: HIPAA-eligible accounts
- Official source: LuxSci Business Associate Agreement (BAA) โ https://luxsci.com/company/legal/baa/ (verified 2026-06)
How to use LuxSci in a HIPAA-compliant way
- Provision a LuxSci HIPAA account / HIPAA-eligible services.
- Download the current BAA from luxsci.com/company/legal/baa.
- Read, agree to, sign, and return LuxSci's HIPAA BAA.
- Use only LuxSci HIPAA-eligible services in conjunction with PHI.
- Retain the executed BAA for your compliance records.
Important caveats
- LuxSci generally does not accept customer modifications or sign customer-provided BAAs (negotiation possible only at Enterprise level).
- Only LuxSci's HIPAA-eligible services may be used with PHI; non-eligible features are out of scope.
- A BAA is one element of compliance; you remain responsible for proper configuration and use.
The bottom line
No software is "HIPAA compliant" on its own. HIPAA compliance is a property of your organization, not a tool. Even with a signed BAA, you remain responsible for configuring LuxSci correctly, limiting access to PHI, training staff, and maintaining your own safeguards. This page is general information, not legal advice; confirm current terms with LuxSci.
Frequently asked questions
Does LuxSci sign a BAA?
Yes. HIPAA-eligible accounts A signed BAA is required before any PHI is involved.
Is LuxSci HIPAA compliant out of the box?
No software is "HIPAA compliant" by itself. Even when LuxSci offers a BAA, you are responsible for signing it, configuring the product correctly, restricting access, and maintaining your own administrative, physical, and technical safeguards.
What should I check before using LuxSci with PHI?
LuxSci generally does not accept customer modifications or sign customer-provided BAAs (negotiation possible only at Enterprise level).
