AI tools that sign a HIPAA BAA (2026) — and which don't
Which AI tools are HIPAA-eligible? We asked every tool in AI Data Watch the one question a healthcare buyer actually has: will the vendor sign a Business Associate Agreement, and on which plan tier? All 34 are ranked below by BAA posture — the signers first, the honest nos last. Nothing is hidden.
1 signs a BAA on a paid plan · 9 enterprise-gated · 3 on request · 21 won't sign one · last verified 2026-06-01
| # | Tool (vendor) | Signs a BAA? | PHI eligible? | Plan tier and conditions | Verified |
|---|---|---|---|---|---|
| 1 | Google Gemini (Google) | Signs a BAA | PHI only on covered tier | Gemini for Workspace is a HIPAA-covered service under the Google Workspace BAA. A Workspace admin must accept the BAA in the Admin console; the free consumer Gemini app is not covered. | 2026-06-01 |
| 2 | ChatGPT (OpenAI) | BAA on enterprise tiers | PHI only on covered tier | BAA available on ChatGPT Enterprise, the API platform, and the new ChatGPT for Healthcare (launched Jan 2026). Free, Plus and Pro consumer plans are excluded and cannot get a BAA. | 2026-06-01 |
| 3 | Claude (Anthropic) | BAA on enterprise tiers | PHI only on covered tier | A BAA is available on Claude for Enterprise (and commercial/API agreements). Consumer Claude (Free, Pro, Max) is not BAA-covered. | 2026-06-01 |
| 4 | Codeium / Windsurf (Codeium) | BAA on enterprise tiers | PHI only on covered tier | Windsurf/Codeium's security page states it is maintained HIPAA-compliant and will entertain a BAA for significant (enterprise) implementations with zero-data-retention by default on Teams/Enterprise; the standard MSA, however, disclaims that the Offerings meet HIPAA, so a BAA must be separately negotiated. | 2026-06-01 |
| 5 | ElevenLabs | BAA on enterprise tiers | PHI only on covered tier | ElevenLabs executes a BAA only for Enterprise subscriptions, which must run a HIPAA-compliant configuration with Zero Retention Mode enabled; customers contact Sales to sign the BAA before handling PHI. | 2026-06-01 |
| 6 | Grammarly | BAA on enterprise tiers | PHI only on covered tier | Grammarly enters a BAA only on Grammarly Business Enterprise plans with a 100-seat minimum; individual and smaller paid plans are not BAA-eligible and must not handle PHI. | 2026-06-01 |
| 7 | Microsoft 365 Copilot (Microsoft) | BAA on enterprise tiers | PHI only on covered tier | Covered by Microsoft's HIPAA BAA when run inside an eligible Microsoft 365 enterprise tenant (E3/E5, Business Premium). Consumer and unlicensed add-on tiers are excluded. | 2026-06-01 |
| 8 | Otter.ai | BAA on enterprise tiers | PHI only on covered tier | A BAA is available on Otter Enterprise only. Basic, Pro and Business plans cannot execute a BAA. | 2026-06-01 |
| 9 | Slack AI (Slack, Salesforce) | BAA on enterprise tiers | PHI only on covered tier | Slack signs a BAA only for Enterprise Grid; once configured for HIPAA, PHI may appear in messages and file uploads that Slack AI operates on within Slack's trust boundary, while third-party marketplace apps stay excluded. | 2026-06-01 |
| 10 | Notion AI (Notion) | BAA on enterprise tiers | No PHI | Notion signs a BAA only on the Enterprise plan (100+ members), and the Notion AI add-on is explicitly carved out of that BAA, so PHI may never be processed through Notion AI even on an Enterprise BAA. | 2026-06-01 |
| 11 | Fireflies.ai | BAA on request | PHI only on covered tier | HIPAA compliance and a BAA are available on request for qualifying (paid) plans, executed via Fireflies' Data Processing Agreement. | 2026-06-01 |
| 12 | Grok (xAI) | BAA on request | PHI only on covered tier | xAI can sign a BAA for Enterprise customers after a BAA questionnaire, and PHI must be sent only via xAI's ZDR-enabled API; consumer Grok has no BAA. | 2026-06-01 |
| 13 | Tabnine | BAA on request | PHI only on covered tier | Tabnine fits HIPAA workflows via its Enterprise self-hosted, VPC, on-prem and air-gapped deployments with zero code retention, where customer code never reaches Tabnine's servers; a BAA is handled through enterprise engagement rather than a self-serve click-through. | 2026-06-01 |
| 14 | Adobe Firefly (Adobe) | No BAA | No PHI | Adobe acts as a Business Associate only for designated HIPAA-Ready Services (e.g. Acrobat Sign Enterprise and select Document/Experience Cloud capabilities); Firefly is a creative generative-AI app and is not a HIPAA-Ready Service, so no Firefly BAA is available. | 2026-06-01 |
| 15 | Amazon Q Developer (Amazon Web Services) | No BAA | No PHI | AWS signs a single BAA covering eligible services, but Amazon Q Developer is NOT on the AWS HIPAA Eligible Services Reference list (only Amazon Q Business is); AWS states Q Developer is not designed to transmit, store or process ePHI. | 2026-06-01 |
| 16 | Canva Magic Studio (Canva) | No BAA | No PHI | Canva does not sign a BAA on any plan, including Canva Enterprise; its Trust Center offers only GDPR-oriented Data Processing Addendums, not a HIPAA BAA. | 2026-06-01 |
| 17 | Character.AI | No BAA | No PHI | Character.AI is a consumer entertainment chatbot with no HIPAA BAA and no healthcare/enterprise compliance tier; users are advised not to share sensitive or medical data. | 2026-06-01 |
| 18 | Copy.ai | No BAA | No PHI | Copy.ai is a marketing/GTM writing tool whose public security and trust materials address general data privacy (SOC 2 / GDPR / CCPA style) but contain no HIPAA compliance statement or BAA offering. | 2026-06-01 |
| 19 | Cursor (Anysphere) | No BAA | No PHI | Cursor (Anysphere) does not publicly offer a BAA on any plan (Free, Pro, Business or Enterprise), and its terms contain no HIPAA provisions; healthcare teams are directed to contact sales, but no BAA is documented. | 2026-06-01 |
| 20 | DeepSeek | No BAA | No PHI | DeepSeek publishes no HIPAA BAA and offers no HIPAA-compliant tier; data is stored in the People's Republic of China and the product carries no compliance or transparency guarantees for healthcare use. | 2026-06-01 |
| 21 | Descript | No BAA | No PHI | Descript's published compliance program (security page, SecurityPal trust center) covers SOC 2 Type II, GDPR, CCPA and Privacy by Design but lists no HIPAA attestation and offers no BAA on any plan, including Enterprise. | 2026-06-01 |
| 22 | GitHub Copilot (GitHub, Microsoft) | No BAA | No PHI | GitHub Copilot is explicitly outside Microsoft's HIPAA BAA scope; it is not a BAA-covered service even on enterprise GitHub plans. | 2026-06-01 |
| 23 | Google NotebookLM (Google) | No BAA | No PHI | NotebookLM is absent from Google Workspace's 'HIPAA Included Functionality' list, so it is not covered by the Google Workspace HIPAA BAA; the free consumer app is likewise out of scope. | 2026-06-01 |
| 24 | Jasper | No BAA | No PHI | The Jasper marketing platform's security documentation advises against entering protected health information and offers no BAA; the separately owned, unrelated 'Jasper Health' company is the only Jasper-named entity that signs BAAs. | 2026-06-01 |
| 25 | Meta AI (Meta) | No BAA | No PHI | Meta does not sign a HIPAA BAA for any of its products, including Meta AI; it is a consumer service not designed for PHI and has faced enforcement over health-data handling. | 2026-06-01 |
| 26 | Microsoft Copilot (Microsoft) | No BAA | No PHI | Consumer Microsoft Copilot (the free / web Copilot) is excluded from Microsoft's HIPAA BAA; only Microsoft 365 enterprise Copilot is covered. | 2026-06-01 |
| 27 | Midjourney | No BAA | No PHI | Midjourney is a consumer creative image-generation service with no security/compliance program and no BAA offering on any tier; it does not execute HIPAA BAAs. | 2026-06-01 |
| 28 | Mistral Le Chat (Mistral AI) | No BAA | No PHI | Mistral does not publish a HIPAA BAA for Le Chat (including Le Chat Enterprise); a GDPR DPA and API Zero Data Retention exist but are not a BAA. HIPAA-grade use is only attainable by self-hosting the open-weight models yourself. | 2026-06-01 |
| 29 | Perplexity AI (Perplexity) | No BAA | No PHI | Perplexity does not sign a BAA, not even on Enterprise Pro. There is no HIPAA-covered Perplexity tier. | 2026-06-01 |
| 30 | Poe (Quora) | No BAA | No PHI | Poe (by Quora) is a consumer multi-model chatbot aggregator with no HIPAA BAA; its privacy policy warns against sharing sensitive information and shares chats with third-party model providers and bot developers. | 2026-06-01 |
| 31 | QuillBot (Course Hero / Learneo) | No BAA | No PHI | QuillBot's Trust Center commits to GDPR, CCPA and PCI DSS but lists no HIPAA compliance or BAA offering; third-party aggregator claims of 'HIPAA compliant' are not corroborated by QuillBot's first-party documentation. | 2026-06-01 |
| 32 | Replit AI (Replit) | No BAA | No PHI | Replit does not offer a BAA or advertise HIPAA eligibility, and its 2026 Commercial Agreement and DPA add no HIPAA/BAA terms; it also lacks HIPAA controls such as PHI-safe isolation, audit logs and breach alerting. | 2026-06-01 |
| 33 | Sourcegraph Cody (Sourcegraph) | No BAA | No PHI | Sourcegraph's published compliance program covers SOC 2 Type II, ISO 27001, GDPR and CCPA but lists no HIPAA attestation and offers no BAA; Cody is a developer code-AI product not positioned for PHI. | 2026-06-01 |
| 34 | Zoom AI Companion (Zoom) | No BAA | No PHI | Zoom signs a BAA for Meetings, Phone and Team Chat on eligible plans, but AI Companion's generative features (notes, summaries, transcription, chatbot) are excluded from standard BAA coverage and are auto-restricted when a BAA is active. | 2026-06-01 |
Ranked by BAA posture: the tools that sign a Business Associate Agreement first, then enterprise-gated, then on-request, and finally the vendors that won't sign one.