BBAA Atlas

Is Twilio SendGrid HIPAA compliant?

Transactional & marketing email · vendor site ↗

No BAANot for PHISOC 2 Type II
Will Twilio SendGrid sign a HIPAA BAA?
No — Twilio SendGrid does not sign a HIPAA Business Associate Agreement (BAA).
Twilio explicitly cannot sign a BAA for SendGrid; SendGrid is not a HIPAA Eligible Service.
PHI eligibility
Customers must not use SendGrid for any purpose involving PHI; it offers no transmission security beyond standard SMTP.
SOC 2
SOC 2 Type II
Trust center
twilio.com
Sub-processors
Notes
Distinct from Twilio's core products, which DO offer HIPAA-eligible services with a BAA. Some third-party blogs wrongly claim SendGrid is eligible; Twilio's own docs override them.
Last verified 2026-05-31confidence: high· Vendor terms change — confirm directly with Twilio SendGrid before storing PHI.

Get notified when this changes

We track Twilio SendGrid's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with Twilio SendGrid

No — Twilio SendGrid does not sign a HIPAA Business Associate Agreement (BAA).

There is no BAA to request — Twilio SendGrid will not sign one. Twilio explicitly cannot sign a BAA for SendGrid; SendGrid is not a HIPAA Eligible Service.

Need a vendor in this space that does? See which HIPAA compliant transactional email & messaging APIs sign a BAA →

Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Twilio SendGrid before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does Twilio SendGrid sign a HIPAA Business Associate Agreement (BAA)?
No — Twilio SendGrid does not sign a HIPAA Business Associate Agreement (BAA). Twilio explicitly cannot sign a BAA for SendGrid; SendGrid is not a HIPAA Eligible Service.
Is Twilio SendGrid HIPAA compliant?
Twilio SendGrid is not HIPAA-ready: it does not sign a Business Associate Agreement (BAA), so you cannot use it to process protected health information (PHI). Customers must not use SendGrid for any purpose involving PHI; it offers no transmission security beyond standard SMTP.
Can you store PHI (protected health information) in Twilio SendGrid?
Customers must not use SendGrid for any purpose involving PHI; it offers no transmission security beyond standard SMTP.
Is Twilio SendGrid SOC 2 certified?
Twilio SendGrid reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from Twilio SendGrid?
You can't — Twilio SendGrid does not sign a HIPAA Business Associate Agreement. Twilio explicitly cannot sign a BAA for SendGrid; SendGrid is not a HIPAA Eligible Service.
What plan do I need to sign a BAA with Twilio SendGrid?
Twilio SendGrid does not offer a BAA on any plan, so no plan qualifies. Twilio explicitly cannot sign a BAA for SendGrid; SendGrid is not a HIPAA Eligible Service.

Sources

Is SendGrid HIPAA Compliant? | SendGrid Docs
https://www.twilio.com/docs/sendgrid/ui/account-and-settings/hipaa-compliant
Supports: SendGrid is not a HIPAA Eligible Service; Twilio cannot sign BAAs for SendGrid; do not use with PHIdated: undated
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Twilio SendGrid before processing protected health information.

Check another vendor

ActiveCampaignBAA on select plansAcuity SchedulingBAA on select plansAdobe Acrobat SignBAA on select plansAircallSigns a BAAAirtableBAA on select plansAmazon Web Services (AWS)Signs a BAA

See all HIPAA compliant transactional email & messaging APIs
Browse all 105 vendors by category →