BBAA Atlas

Is Render HIPAA compliant?

Application hosting (PaaS) · vendor site ↗

BAA on select plansPHI with conditions
Will Render sign a HIPAA BAA?
Sometimes — Render signs a HIPAA BAA only on specific plans or add-ons.
Render signs a BAA (self-serve from Workspace Settings → Compliance; Render emails a link to sign). HIPAA-enabled workspaces require a Scale or Enterprise plan and carry a 20% surcharge on all usage in that workspace.
PHI eligibility
PHI may only be processed/stored inside a HIPAA-enabled workspace after signing the BAA; PHI is prohibited in static sites, service logs, build artifacts, infrastructure-as-code config and resource names.
SOC 2
Not publicly confirmed
Trust center
render.com
Sub-processors
Notes
Plan names reflect Render's April 2026 plan revamp (Scale/Enterprise); the 2025 launch blog used the earlier 'Organization/Enterprise' naming.
Last verified 2026-05-31confidence: high· Vendor terms change — confirm directly with Render before storing PHI.

Get notified when this changes

We track Render's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with Render

Sometimes — Render signs a HIPAA BAA only on specific plans or add-ons.

Request routeSelf-serve — enable it in your account
  1. 1
    Get on a qualifying plan
    Render signs a BAA (self-serve from Workspace Settings → Compliance; Render emails a link to sign). HIPAA-enabled workspaces require a Scale or Enterprise plan and carry a 20% surcharge on all usage in that workspace.
  2. 2
    Request the Business Associate Agreement
    Render lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account.
  3. 3
    Confirm what PHI is allowed before you store any
    PHI may only be processed/stored inside a HIPAA-enabled workspace after signing the BAA; PHI is prohibited in static sites, service logs, build artifacts, infrastructure-as-code config and resource names. Match your configuration to this scope before putting protected health information into Render.
Before you sign — watch for
  • Expect a HIPAA price uplift on this plan (a percentage surcharge or premium tier) — see the requirement above.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Render before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does Render sign a HIPAA Business Associate Agreement (BAA)?
Sometimes — Render signs a HIPAA BAA only on specific plans or add-ons. Render signs a BAA (self-serve from Workspace Settings → Compliance; Render emails a link to sign). HIPAA-enabled workspaces require a Scale or Enterprise plan and carry a 20% surcharge on all usage in that workspace.
Is Render HIPAA compliant?
Render can be HIPAA-compliant only on the specific plans or add-ons where it will sign a Business Associate Agreement (BAA). PHI may only be processed/stored inside a HIPAA-enabled workspace after signing the BAA; PHI is prohibited in static sites, service logs, build artifacts, infrastructure-as-code config and resource names.
Can you store PHI (protected health information) in Render?
PHI may only be processed/stored inside a HIPAA-enabled workspace after signing the BAA; PHI is prohibited in static sites, service logs, build artifacts, infrastructure-as-code config and resource names.
Is Render SOC 2 certified?
We could not confirm a public SOC 2 report for Render. SOC 2 is separate from a HIPAA BAA — confirm both directly with Render.
How do I request a HIPAA BAA from Render?
Render lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account. Confirm current terms directly with Render before storing PHI.
What plan do I need to sign a BAA with Render?
Render signs a BAA (self-serve from Workspace Settings → Compliance; Render emails a link to sign). HIPAA-enabled workspaces require a Scale or Enterprise plan and carry a 20% surcharge on all usage in that workspace.

Sources

HIPAA on Render — Render Docs
https://render.com/docs/hipaa-compliance
Supports: Signs BAA; Scale/Enterprise required; 20% fee; PHI restrictionsdated: undated
Render Now Supports HIPAA-Compliant Workspaces
https://render.com/blog/introducing-hipaa-enabled-workspaces
Supports: BAA self-serve from dashboard; plan-gateddated: 2025-06-09
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Render before processing protected health information.

Check another vendor

Heroku (Salesforce)BAA on select plansNetlifyBAA on select plansVercelBAA on select plansActiveCampaignBAA on select plansAcuity SchedulingBAA on select plansAdobe Acrobat SignBAA on select plans

See all HIPAA compliant cloud infrastructure & hosting
Browse all 105 vendors by category →