business associate agreement

David Woolley forums at
Mon Jun 1 15:09:53 EDT 2015

On 01/06/15 19:26, Catherine Galle wrote:
> We are interested in using pidgin with the otr plugin for messaging
> between staff, as pidgin-otr has high ratings/reviews. We are a doctor's
> office and therefore governed by the rules of HIPAA. Would it be
> possible to get a business associate agreement between our company and
> pidgin?

No single legal person owns Pidgin.  Whilst I'm not familiar with the 
sort of agreement you are talking about, I rather suspect no-one would 
have the authority to sign it.

I'd also note that the OTR support is a third party plugin, so not 
covered by this mailing list.  Also, my understanding is that OTR 
concentrates on deniability rather than security, which is not a 
property one would want in a health environment.

More information about the Support mailing list