How to Sign a Business Associate Agreement (BAA) with Dropbox

Created by Mark Williamson, Modified on Wed, 14 May at 5:11 PM by Mark Williamson


Overview

A Business Associate Agreement (BAA) is a legally required document under the Health Insurance Portability and Accountability Act (HIPAA) for any organization that shares protected health information (PHI) with a third-party service provider. Dropbox offers BAAs to customers using Dropbox Business, specifically Dropbox Business Advanced, Enterprise, or Education plans.

This guide outlines the steps to request and sign a BAA with Dropbox.


Prerequisites

Before requesting a BAA from Dropbox, ensure the following:

  • You have a Dropbox Business Advanced, Enterprise, or Education account.

  • You are an admin of your Dropbox team.

  • You are authorized to sign legal agreements on behalf of your organization.

Dropbox Basic, Plus, and Family plans are not eligible for a BAA.


Steps to Sign a BAA with Dropbox

1. Sign In to the Dropbox Admin Console

2. Navigate to Account Settings

  • In the Admin Console, click on Settings.

  • Scroll to Compliance or HIPAA settings (this section may only appear for eligible plans).

3. Request a BAA

  • If your plan is eligible, you will see an option to “Request a BAA.”

  • Click the button or link to initiate the request.

4. Complete the BAA Request Form

  • Fill out the required organizational information.

  • Specify the primary contact for HIPAA compliance and legal notices.

5. Review and Sign the BAA

  • Dropbox will provide a standard BAA for your review.

  • You can electronically sign it or route it through your internal legal team for review.

  • If changes are needed, you may need to contact Dropbox Support or your Account Manager.

6. Confirmation and Retention

  • Once the BAA is signed by both parties, a copy will be sent to your designated contact.

  • Save this agreement in your records as part of your HIPAA compliance documentation.


Additional Considerations

  • Data Handling: Dropbox does not access or monitor the contents of your files unless required by law. However, the BAA ensures that if PHI is stored, Dropbox will comply with HIPAA safeguards.

  • Security Features: To help maintain HIPAA compliance, enable features like:

    • Two-factor authentication

    • Audit logs

    • Device management

    • Shared link restrictions

  • Support: For any issues or custom arrangements, contact Dropbox Support or your Account Manager directly.


If you need help navigating the process or verifying whether Dropbox is suitable for your compliance needs, feel free to reach out to our team.
