Business Associate Agreement (BAA)

This page is a plain-English summary of the BAA. The signed legal-form document is provided by request and on every paid-tier and Deaf-owned account at provisioning.

What the BAA covers.

The BAA between 1891 LLC (Business Associate) and your organization (Covered Entity, where applicable) governs how we use, disclose, and safeguard PHI in connection with the Service. It tracks the HHS-published model BAA closely; redlines are welcome on Studio and Network.

Permitted uses.

We use PHI only to provide the Service: scheduling interpreters, generating invoices, producing transcripts and minutes for your sessions, and performing the audit logging required by HIPAA. We do not use PHI for marketing, sale, or any other purpose not explicitly required by the Service.

Safeguards we maintain.

Technical, administrative, and physical safeguards as required by HIPAA Security Rule, including encryption at rest and in transit, role-based access, append-only audit logging with hash-chain integrity, retention defaults documented at /security, and an annual risk assessment.

Subprocessors and PHI.

We use a short list of subprocessors who each carry their own BAA. The full list and per-vendor BAA status lives at /legal/subprocessors.

Breach notification.

We notify you of any breach affecting your PHI within 30 days, with as much detail as we have. For low-risk events, we notify in our quarterly summary; for high-risk events, we notify within 24 hours and walk you through the response together.

How to get the BAA.

Email legal@madeby1891.com with your organization name and we'll send the executable PDF. Most BAAs are countersigned within 3 business days. Redlines are welcome on Studio and Network; we'll work them with our counsel and yours.

---

Last updated: 2026-05-17. Questions: hello@madeby1891.com.