How do I start

Question

How do I start

PATRICIA COLEMAN 0

HOW DO I START?

All I want to use Azure for is dictating, formatting and storing medical documents. HIPPA compliance is necessary. I have no idea how to set up Azure for this purpose. I can’t locate the BAA to sign. Don’t know how to start.

Azar 28,000 Reputation points MVP

2025-04-28T18:14:35.11+00:00

Hi there PATRICIA COLEMAN

Thanks for using QandA platform

you'll first need to create an Azure account. After that, you should sign a Business Associate Agreement with Microsoft it's available automatically when you set up an enterprise agreement or through the Microsoft Compliance Manager.

For your use case you can use services like Azure Speech-to-Text for dictation, Azure Blob Storage for secure document storage, and ensure everything is configured inside a HIPAA-compliant setup (

I recommend starting with:

Azure Free Account → azure.com/free

Compliance Manager → to review HIPAA documentation and BAA.

Speech services + Storage account → deployed in a secured environment.

You don’t need to build everything yourself Azure has templates and tools to make it easier!

If this helps kindly accept the answer thanks much.
Manas Mohanty 3,210 Reputation points Microsoft External Staff

2025-05-01T04:09:27.19+00:00

Hi PATRICIA COLEMAN

We are still waiting for your feedback on above shared pointers. Please let us know if you have still queries on it.

Thank you
Manas Mohanty 3,210 Reputation points Microsoft External Staff

2025-05-02T04:53:42.6533333+00:00

Hi PATRICIA COLEMAN

We have not heard back from you. Hope the pointer shared were useful to you.

Please accept below answer if it helped address your issue.

Thank you.

1 answer

Your answer

Azar 28,000 Reputation points MVP

2025-04-28T18:14:35.11+00:00

Hi there PATRICIA COLEMAN

Thanks for using QandA platform

you'll first need to create an Azure account. After that, you should sign a Business Associate Agreement with Microsoft it's available automatically when you set up an enterprise agreement or through the Microsoft Compliance Manager.

For your use case you can use services like Azure Speech-to-Text for dictation, Azure Blob Storage for secure document storage, and ensure everything is configured inside a HIPAA-compliant setup (

I recommend starting with:

Azure Free Account → azure.com/free

Compliance Manager → to review HIPAA documentation and BAA.

Speech services + Storage account → deployed in a secured environment.

You don’t need to build everything yourself Azure has templates and tools to make it easier!

If this helps kindly accept the answer thanks much.
Manas Mohanty 3,210 Reputation points Microsoft External Staff

2025-05-01T04:09:27.19+00:00

Hi PATRICIA COLEMAN

We are still waiting for your feedback on above shared pointers. Please let us know if you have still queries on it.

Thank you
Manas Mohanty 3,210 Reputation points Microsoft External Staff

2025-05-02T04:53:42.6533333+00:00

Hi PATRICIA COLEMAN

We have not heard back from you. Hope the pointer shared were useful to you.

Please accept below answer if it helped address your issue.

Thank you.

Answer 1

Hi PATRICIA COLEMAN

HIPPA covered entities and business associates

HIPAA applies to covered entities – doctors’ offices, hospitals, health insurers, and other healthcare companies – that create, receive, maintain, transmit, or access PHI. HIPAA further applies to business associates of covered entities that perform certain functions or activities involving PHI as part of providing services to the covered entity or on behalf of the covered entity. When a covered entity engages the services of a cloud service provider (CSP), such as Microsoft, the CSP becomes a business associate under HIPAA.

Signing HIPPA BAA

There is no separate contract to sign to enter into a HIPAA BAA with Microsoft because the HIPAA BAA is available via the Microsoft Product Terms (formerly Online Services Terms) by default to all customers who are covered entities or business associates under HIPAA.

If you're a SaaS provider of a healthcare solution deployed on Azure, your customers who are healthcare providers or covered entities under HIPAA can sign a BAA directly with you.

They don't need to have a BAA in place with Microsoft to use your SaaS solution. The Microsoft BAA terms incorporated into your licensing agreement with Microsoft wouldn't be applicable to your customers unless they also happen to be Microsoft customers and have separate licensing agreements in place with Microsoft.

Microsoft HIPAA BAA is applicable to Microsoft Online Services such as Azure and made available by default to Microsoft customers via a licensing agreement execution that includes the Microsoft Product Terms (formerly Online Services Terms) and the Microsoft Products and Services Data Protection Addendum (DPA).

HIPPA document location

Here is the document location for HIPPA BAA.

HIPPA compliance

But you will need to initiate respective compliance policy and setup your specific resource accordingly to stay HIPPA compliant. Microsoft don't handle the compliance on your resources.

You can also manage compliance for all resource and generate compliance report Microsoft purview compliance centre.

Reference

Frequently Asked questions on HIPPA BAA

Data protection Addendum

Reference threaddetails of HIPPA-HITRUST

Hope it helps.

Thank you.

Share via

How do I start

1 answer

Your answer