BBAA Atlas

Is Cisco Webex HIPAA compliant?

Video conferencing · vendor site ↗

Signs a BAAPHI eligibleSOC 2
Will Cisco Webex sign a HIPAA BAA?
Yes — Cisco Webex will sign a HIPAA Business Associate Agreement (BAA).
Cisco signs a HIPAA Business Associate Agreement covering core Webex services. Cisco has conducted a HIPAA self-assessment on Webex Meetings, Teams/Messaging, Control Hub, Webex for Developers, and Contact Center, and provides a BAA-initiation path for healthcare customers. The BAA governs use and disclosure of PHI under a shared-responsibility model; the third-party HIPAA report is available on Cisco's Trust Portal on request.
PHI eligibility
PHI is permitted once a BAA is executed with Cisco and the customer configures Webex correctly per the shared-responsibility model; Webex is not an EHR or system of record.
SOC 2
SOC 2
Trust center
cisco.com
Sub-processors
Notes
Customers must request the BAA and HIPAA self-assessment via their Cisco account team; configuration is the customer's responsibility.
Last verified 2026-05-31confidence: high· Vendor terms change — confirm directly with Cisco Webex before storing PHI.

Get notified when this changes

We track Cisco Webex's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with Cisco Webex

Yes — Cisco Webex will sign a HIPAA Business Associate Agreement (BAA).

Request routeThrough sales / your account team
  1. 1
    Confirm your account is covered
    Cisco signs a HIPAA Business Associate Agreement covering core Webex services. Cisco has conducted a HIPAA self-assessment on Webex Meetings, Teams/Messaging, Control Hub, Webex for Developers, and Contact Center, and provides a BAA-initiation path for healthcare customers. The BAA governs use and disclosure of PHI under a shared-responsibility model; the third-party HIPAA report is available on Cisco's Trust Portal on request.
  2. 2
    Request the Business Associate Agreement
    Cisco Webex arranges the BAA through its sales / account team. If you have an account executive, ask them to start the BAA for your plan; otherwise contact Cisco Webex sales (or open a request from its trust center) and reference the qualifying plan above.
  3. 3
    Confirm what PHI is allowed before you store any
    PHI is permitted once a BAA is executed with Cisco and the customer configures Webex correctly per the shared-responsibility model; Webex is not an EHR or system of record. Match your configuration to this scope before putting protected health information into Cisco Webex.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Cisco Webex before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does Cisco Webex sign a HIPAA Business Associate Agreement (BAA)?
Yes — Cisco Webex will sign a HIPAA Business Associate Agreement (BAA). Cisco signs a HIPAA Business Associate Agreement covering core Webex services. Cisco has conducted a HIPAA self-assessment on Webex Meetings, Teams/Messaging, Control Hub, Webex for Developers, and Contact Center, and provides a BAA-initiation path for healthcare customers. The BAA governs use and disclosure of PHI under a shared-responsibility model; the third-party HIPAA report is available on Cisco's Trust Portal on request.
Is Cisco Webex HIPAA compliant?
Cisco Webex can be used in a HIPAA-compliant way: it signs a Business Associate Agreement (BAA), which HIPAA requires before you process PHI with a vendor. PHI is permitted once a BAA is executed with Cisco and the customer configures Webex correctly per the shared-responsibility model; Webex is not an EHR or system of record.
Can you store PHI (protected health information) in Cisco Webex?
PHI is permitted once a BAA is executed with Cisco and the customer configures Webex correctly per the shared-responsibility model; Webex is not an EHR or system of record.
Is Cisco Webex SOC 2 certified?
Cisco Webex reports a SOC 2 attestation according to its public security documentation.
How do I request a HIPAA BAA from Cisco Webex?
Cisco Webex arranges the BAA through its sales / account team. If you have an account executive, ask them to start the BAA for your plan; otherwise contact Cisco Webex sales (or open a request from its trust center) and reference the qualifying plan above. Confirm current terms directly with Cisco Webex before storing PHI.
What plan do I need to sign a BAA with Cisco Webex?
Cisco signs a HIPAA Business Associate Agreement covering core Webex services. Cisco has conducted a HIPAA self-assessment on Webex Meetings, Teams/Messaging, Control Hub, Webex for Developers, and Contact Center, and provides a BAA-initiation path for healthcare customers. The BAA governs use and disclosure of PHI under a shared-responsibility model; the third-party HIPAA report is available on Cisco's Trust Portal on request.

Sources

Cisco Webex Suite & Contact Center: HIPAA Compliance (whitepaper)
https://trustportal.cisco.com/c/dam/r/ctp/docs/hipaa/collaboration/cisco-HIPAA-compliance-webex-services-whitepaper.pdf
Supports: Cisco-hosted document confirming Cisco signs a BAA for Webex services and PHI is permitted with a BAAdated: undated
Protecting Your Webex Healthcare Data
https://blog.webex.com/collaboration/video-conferencing/protecting-your-webex-healthcare-data/
Supports: States Cisco has a BAA and lists covered services; provides a BAA-initiation linkdated: 2023-11-21
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Cisco Webex before processing protected health information.

Check another vendor

GoTo MeetingSigns a BAAActiveCampaignBAA on select plansAcuity SchedulingBAA on select plansAdobe Acrobat SignBAA on select plansAircallSigns a BAAAirtableBAA on select plans

See all HIPAA compliant video conferencing
Browse all 105 vendors by category →