BBAA Atlas

Is monday.com HIPAA compliant?

Work management · vendor site ↗

BAA on select plansPHI with conditionsSOC 2 Type II
Will monday.com sign a HIPAA BAA?
Sometimes — monday.com signs a HIPAA BAA only on specific plans or add-ons.
monday.com signs a BAA only on the Enterprise tier, effective when an admin accepts it and activates the HIPAA-compliant feature; downgrading from Enterprise ends coverage.
PHI eligibility
PHI may be stored once the BAA is accepted and HIPAA is activated on an Enterprise account; the broadcast feature is disabled and customers are solely responsible for PHI exchanged with non-compliant integrations.
SOC 2
SOC 2 Type II
Trust center
monday.com
Sub-processors
monday.com
Notes
BAA document text last updated Feb 2022.
Last verified 2026-05-31confidence: high· Vendor terms change — confirm directly with monday.com before storing PHI.

Get notified when this changes

We track monday.com's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with monday.com

Sometimes — monday.com signs a HIPAA BAA only on specific plans or add-ons.

Request routeSelf-serve — enable it in your account
  1. 1
    Get on a qualifying plan
    monday.com signs a BAA only on the Enterprise tier, effective when an admin accepts it and activates the HIPAA-compliant feature; downgrading from Enterprise ends coverage.
  2. 2
    Request the Business Associate Agreement
    monday.com lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account.
  3. 3
    Confirm what PHI is allowed before you store any
    PHI may be stored once the BAA is accepted and HIPAA is activated on an Enterprise account; the broadcast feature is disabled and customers are solely responsible for PHI exchanged with non-compliant integrations. Match your configuration to this scope before putting protected health information into monday.com.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with monday.com before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does monday.com sign a HIPAA Business Associate Agreement (BAA)?
Sometimes — monday.com signs a HIPAA BAA only on specific plans or add-ons. monday.com signs a BAA only on the Enterprise tier, effective when an admin accepts it and activates the HIPAA-compliant feature; downgrading from Enterprise ends coverage.
Is monday.com HIPAA compliant?
monday.com can be HIPAA-compliant only on the specific plans or add-ons where it will sign a Business Associate Agreement (BAA). PHI may be stored once the BAA is accepted and HIPAA is activated on an Enterprise account; the broadcast feature is disabled and customers are solely responsible for PHI exchanged with non-compliant integrations.
Can you store PHI (protected health information) in monday.com?
PHI may be stored once the BAA is accepted and HIPAA is activated on an Enterprise account; the broadcast feature is disabled and customers are solely responsible for PHI exchanged with non-compliant integrations.
Is monday.com SOC 2 certified?
monday.com reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from monday.com?
monday.com lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account. Confirm current terms directly with monday.com before storing PHI.
What plan do I need to sign a BAA with monday.com?
monday.com signs a BAA only on the Enterprise tier, effective when an admin accepts it and activates the HIPAA-compliant feature; downgrading from Enterprise ends coverage.

Sources

HIPAA Business Associate Agreement — monday.com Legal Portal
https://monday.com/l/privacy/hipaa-baa/
Supports: BAA effective on Enterprise tier with HIPAA feature enabled; safeguardsdated: 2022-02-07
monday.com and HIPAA — Support
https://support.monday.com/hc/en-us/articles/360006506699-monday-com-and-HIPAA
Supports: Enterprise plan requirement; activation steps; broadcast disableddated: undated
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with monday.com before processing protected health information.

Check another vendor

AsanaBAA on select plansClickUpBAA on select plansSmartsheetBAA on select plansActiveCampaignBAA on select plansAcuity SchedulingBAA on select plansAdobe Acrobat SignBAA on select plans

See all HIPAA compliant project management software
Browse all 105 vendors by category →