This page summarises our standard Business Associate Agreement (BAA) for organisations that require HIPAA compliance. It outlines how Hana handles Protected Health Information (PHI) and the safeguards implemented by Hanabi Technologies.
We process conversations at runtime and do not store them by default. Any data intentionally saved for product features is encrypted at rest and in transit. We do not use PHI for analytics or model training.
Upon request, administrators can delete all stored data. We also provide breach notification procedures and support access or amendment requests as required by HIPAA.
If your organisation needs a signed BAA, please contact us via the dashboard or Contact Us. We are happy to discuss your compliance requirements.