HIPAA Compliant

Business Associate Agreement

NGM FlowMed is committed to protecting Protected Health Information (PHI) and ensuring HIPAA compliance for all healthcare providers using our platform.

BAA Available for Enterprise Plans

Business Associate Agreements are included with all Enterprise plans. For Professional plan users, BAAs are available upon request for an additional fee.

Request BAA

What is a BAA?

A Business Associate Agreement (BAA) is a legal contract required under HIPAA between a healthcare provider (Covered Entity) and a vendor (Business Associate) that handles Protected Health Information on their behalf.

Our Commitments

  • Implement appropriate safeguards to prevent unauthorized use or disclosure of PHI
  • Report any security incidents or breaches to the Covered Entity
  • Ensure any subcontractors agree to the same restrictions and conditions
  • Make PHI available to individuals requesting access to their records
  • Return or destroy PHI upon termination of the agreement

Security Measures

NGM FlowMed implements comprehensive security measures including:

  • 256-bit AES encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • SOC 2 Type II certified infrastructure
  • Regular third-party security audits
  • Role-based access controls

Contact Us

For BAA requests or questions about HIPAA compliance, please contact our compliance team at compliance@ngmflowmed.com