BBAA Atlas

Is Calendly HIPAA compliant?

Scheduling · vendor site ↗

No BAANot for PHISOC 2 Type II
Will Calendly sign a HIPAA BAA?
No — Calendly does not sign a HIPAA Business Associate Agreement (BAA).
Calendly does not sign a Business Associate Agreement on any plan, including Enterprise, per recent reviews of Calendly's own statements.
PHI eligibility
PHI must not be collected, stored, or transmitted through Calendly because no BAA is offered and its terms prohibit PHI.
SOC 2
SOC 2 Type II
Trust center
calendly.com
Sub-processors
Notes
Calendly's help center no longer surfaces a HIPAA statement on its own domain; this verdict relies on a recently-reviewed third-party source. Re-confirm directly with Calendly before relying on it.
Last verified 2026-05-31confidence: medium· Vendor terms change — confirm directly with Calendly before storing PHI.

Get notified when this changes

We track Calendly's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with Calendly

No — Calendly does not sign a HIPAA Business Associate Agreement (BAA).

There is no BAA to request — Calendly will not sign one. Calendly does not sign a Business Associate Agreement on any plan, including Enterprise, per recent reviews of Calendly's own statements.

Need a vendor in this space that does? See which HIPAA compliant forms & scheduling tools sign a BAA →

Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Calendly before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does Calendly sign a HIPAA Business Associate Agreement (BAA)?
No — Calendly does not sign a HIPAA Business Associate Agreement (BAA). Calendly does not sign a Business Associate Agreement on any plan, including Enterprise, per recent reviews of Calendly's own statements.
Is Calendly HIPAA compliant?
Calendly is not HIPAA-ready: it does not sign a Business Associate Agreement (BAA), so you cannot use it to process protected health information (PHI). PHI must not be collected, stored, or transmitted through Calendly because no BAA is offered and its terms prohibit PHI.
Can you store PHI (protected health information) in Calendly?
PHI must not be collected, stored, or transmitted through Calendly because no BAA is offered and its terms prohibit PHI.
Is Calendly SOC 2 certified?
Calendly reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from Calendly?
You can't — Calendly does not sign a HIPAA Business Associate Agreement. Calendly does not sign a Business Associate Agreement on any plan, including Enterprise, per recent reviews of Calendly's own statements.
What plan do I need to sign a BAA with Calendly?
Calendly does not offer a BAA on any plan, so no plan qualifies. Calendly does not sign a Business Associate Agreement on any plan, including Enterprise, per recent reviews of Calendly's own statements.

Sources

Is Calendly HIPAA compliant? (2026 update) — Paubox
https://www.paubox.com/blog/is-calendly-hipaa-compliant
Supports: Calendly will not sign a BAA and is therefore not HIPAA compliant; Feb 2026 review found no policy changedated: 2026-02
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Calendly before processing protected health information.

Check another vendor

Acuity SchedulingBAA on select plansActiveCampaignBAA on select plansAdobe Acrobat SignBAA on select plansAircallSigns a BAAAirtableBAA on select plansAmazon Web Services (AWS)Signs a BAA

See all HIPAA compliant forms & scheduling tools
Browse all 105 vendors by category →