DRAFT — pending legal review. This page describes our current operational posture for HIPAA-eligible tenants. It has NOT yet been reviewed by counsel and is NOT a binding commitment. If you are evaluating iqcloud for a HIPAA workload, contact us before relying on any terms on this page; we will share the signed-off version privately and execute a BAA before any PHI flows through the platform.
HIPAA disclosure
iqcloud and HIPAA
How the iqcloud platform handles Protected Health Information (PHI) for tenants on the HIPAA-eligible plan.
Effective: [pending legal review]. Last drafted: 2026-06-03.
Scope
Who and what this covers.
This disclosure applies to tenants on the HIPAA-eligible plan with an executed Business Associate Agreement (BAA). The marketing site (iqcloud.cloud) and the public-facing portal surfaces are NEVER in HIPAA scope; PHI must only enter the platform inside a HIPAA-eligible tenant workspace after BAA execution.
“HIPAA-eligible” here means that the platform's controls and subprocessor selection support PHI handling under HIPAA — but the tenant remains responsible for their own HIPAA program: workforce training, risk assessments, breach response playbooks, designated Privacy and Security officers, and the administrative, physical, and technical safeguards required of a Covered Entity.
Business Associate Agreement
BAA availability and scope.
BAA availability.
A signed BAA is required before any PHI flows through the platform. It is available on request from legal@iqcloud.cloud (placeholder address; replace if a different intake address is in use).
BAA scope.
Covers iqcloud-operated services (scheduling, billing, automation, identity within the HIPAA-eligible tenant workspace). Does NOT cover third-party integrations the tenant configures themselves (e.g. their own SMS provider, their own EHR sync — see the Subprocessor table below for what IS covered).
BAA exclusions.
Marketing surfaces (iqcloud.cloud public site), trial accounts, anonymous analytics, and Stripe checkout (Stripe has its own BAA with the tenant if needed) are NOT in BAA scope.
Document.
Request the BAA → (once signed PDFs are hosted, this is replaced with a real download link).
Encryption
Encryption posture.
At rest.
AES-256, Azure-managed keys, with per-tenant scoping where the data plane supports it. See /legal/security for the broader posture.
In transit.
TLS 1.2 minimum (1.3 where supported), HSTS on every public hostname.
Key management.
Keys live in Azure Key Vault; per-tenant data-encryption keys [pending legal review for specific key-isolation guarantees in the BAA].
Workforce access to PHI.
Documented approval, time-bound, audit-logged. Production access for engineers requires multi-sig per the existing access-governance regime.
See /legal/security for the platform-wide encryption and access controls that apply to ALL tenants; this HIPAA disclosure extends those controls with HIPAA-specific commitments.
Audit logs
Audit log retention.
Append-only audit log.
Written on every privileged write: operator invites, role changes, configuration changes, and PHI-bearing record edits inside the HIPAA-eligible tenant.
Retention.
[pending legal review — typical HIPAA retention guidance is 6 years post-record; verify with counsel before publishing].
Access.
Tenant administrators on the HIPAA-eligible plan have read access to their own tenant's audit log; iqcloud staff access requires documented approval.
Export.
Audit log export is available on request for BAA-covered tenants.
Breach notification
Breach notification SLA.
Initial acknowledgement.
[pending legal review — typical HIPAA business-associate notification is “without unreasonable delay and no later than 60 days from discovery”; counsel will scope a tighter operational SLA].
Notification channel.
Written notice to the tenant's designated security contact (configured at onboarding); secondary notice via the in-portal incident inbox.
Information included.
Nature of the incident, categories of PHI involved, mitigation steps taken, and recommended tenant actions.
Tenant cooperation.
Tenants are required to provide a current security-contact email and respond to breach notifications within their own HIPAA timeframes.
Subprocessors
Subprocessor HIPAA-eligibility.
Which subprocessors handle PHI, what their HIPAA posture is, and whether their BAA chain is in place.
| Subprocessor | Purpose | HIPAA posture | BAA status |
|---|---|---|---|
| Microsoft Azure | Compute, storage, identity, networking | HIPAA-eligible services per Microsoft's Service Trust Portal. | Covered under Microsoft Online Services BAA. |
| Microsoft Graph (Mail, Teams) | Email + Teams notifications (opt-in) | Eligible when configured per Microsoft's HIPAA guidance. | Covered under the same Microsoft BAA. |
| Stripe | Payments | NOT in BAA scope. Payment data is not PHI under HIPAA; PHI must never be sent to Stripe through metadata, descriptions, or customer notes. | N/A (no BAA — design contract). |
| OpenAI / Anthropic (AI features) | AI assistance (drafts, summaries, scheduling suggestions) | NOT enabled by default for HIPAA-eligible tenants. AI features must be explicitly enabled per tenant. When enabled for a HIPAA tenant, a BAA-eligible API tier (or a self-hosted equivalent) is required. | [pending legal review — current default is OFF for HIPAA tenants] |
| iqcloud platform | First-party services (scheduling, billing, automation) | Covered under the iqcloud BAA. | iqcloud BAA. |
If you operate a HIPAA workload that needs a subprocessor not on this list, contact us — we evaluate additions on a per-tenant basis and update this list when the BAA chain is in place.
Boundary
What's NOT in HIPAA scope.
The BAA does NOT cover everything. The boundary is stated explicitly below so that prospects understand what falls outside it.
- The public marketing website (iqcloud.cloud).
- Trial accounts and any pre-BAA tenant workspace.
- Anonymous analytics and telemetry (no PHI tied to operator events).
- Public-facing portal surfaces (e.g. customer-booking widgets) unless the tenant is on the HIPAA-eligible plan AND has explicitly configured them under their BAA.
- Stripe checkout pages and webhooks (Stripe is not a BAA-covered subprocessor for iqcloud).
Request
How to request a BAA.
Contact legal@iqcloud.cloud with your tenant name, intended HIPAA workload (scheduling, automation, etc.), and your Privacy/Security officer's contact details. The BAA will be sent for signature within [pending legal review — typical turnaround is 5–10 business days]. PHI must not flow through the platform until the BAA is signed.