HIPAA Compliance

Rosetta is designed for HIPAA-aligned handling of PHI.

Business Associate Agreement (BAA)

For institutional usage, BAAs define:

responsibilities for PHI protection
permitted uses and disclosures
breach notification procedures
required security safeguards

Security Rule Safeguards

Administrative

security ownership and policy controls
workforce training and access governance
incident response and periodic risk assessment

Physical

secure data center facility controls
workstation and device control practices

Technical

role-based access and unique identities
audit logging and integrity protections
encrypted transmission controls

Last updated on February 16, 2026

Privacy Guide DLP & Redaction