Data Privacy | AI Governance | March 7, 2026 | 25 min read
Did You Just Become a HIPAA Business Associate?
Signing a Business Associate Agreement with a US healthcare customer triggers HIPAA compliance obligations immediately — covering PHI handling, breach notification, subcontractor management, and AI training data restrictions. Most manufacturers outside the US don't discover this until an audit questionnaire arrives. This article maps the obligations, the three gaps device manufacturers most commonly haven't built, and where to start before the next contract is signed.