Is Front HIPAA compliant?
Signs a BAAPHI with conditionsSOC 2 Type II
Will Front sign a HIPAA BAA?
Yes — Front will sign a HIPAA Business Associate Agreement (BAA).
Front's End User Conduct and Content Policy permits storing/transmitting PHI only for customers who have executed a BAA with Front, so a BAA pathway exists (available on request).
PHI eligibility
PHI may be stored/transmitted in Front only after executing a BAA with Front; without one, PHI is prohibited by policy.
SOC 2
SOC 2 Type II
Trust center
Sub-processors
—
Notes
Policy confirms PHI is allowed only with a signed BAA, but Front's pages do not publicly detail plan tiers/scope; treat as 'available on request' and verify eligibility with Front.
Get notified when this changes
We track Front's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.
How to request and sign a BAA with Front
Yes — Front will sign a HIPAA Business Associate Agreement (BAA).
Request routeBy request — via trust center or support
- 1Confirm your account is coveredFront's End User Conduct and Content Policy permits storing/transmitting PHI only for customers who have executed a BAA with Front, so a BAA pathway exists (available on request).
- 2Request the Business Associate AgreementFront provides the BAA on request. Open a request through Front's trust center and ask for the current Business Associate Agreement covering your plan.
- 3Confirm what PHI is allowed before you store anyPHI may be stored/transmitted in Front only after executing a BAA with Front; without one, PHI is prohibited by policy. Match your configuration to this scope before putting protected health information into Front.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Front before you rely on it. This is cited public information, not legal advice.
Frequently asked questions
Does Front sign a HIPAA Business Associate Agreement (BAA)?
Yes — Front will sign a HIPAA Business Associate Agreement (BAA). Front's End User Conduct and Content Policy permits storing/transmitting PHI only for customers who have executed a BAA with Front, so a BAA pathway exists (available on request).
Is Front HIPAA compliant?
Front can be used in a HIPAA-compliant way: it signs a Business Associate Agreement (BAA), which HIPAA requires before you process PHI with a vendor. PHI may be stored/transmitted in Front only after executing a BAA with Front; without one, PHI is prohibited by policy.
Can you store PHI (protected health information) in Front?
PHI may be stored/transmitted in Front only after executing a BAA with Front; without one, PHI is prohibited by policy.
Is Front SOC 2 certified?
Front reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from Front?
Front provides the BAA on request. Open a request through Front's trust center and ask for the current Business Associate Agreement covering your plan. Confirm current terms directly with Front before storing PHI.
What plan do I need to sign a BAA with Front?
Front's End User Conduct and Content Policy permits storing/transmitting PHI only for customers who have executed a BAA with Front, so a BAA pathway exists (available on request).
Sources
https://help.front.com/en/articles/2374
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Front before processing protected health information.
Check another vendor
See all HIPAA compliant customer support & help desk software →
Browse all 105 vendors by category →