BBAA Atlas

Is Squarespace HIPAA compliant?

Website builder · vendor site ↗

BAA on select plansPHI with conditions
Will Squarespace sign a HIPAA BAA?
Sometimes — Squarespace signs a HIPAA BAA only on specific plans or add-ons.
Squarespace offers a Business Associate Addendum only for its Acuity Scheduling product (HIPAA-enabled on Powerhouse or Premium plans). Squarespace's help docs state Acuity is the only Squarespace feature designed to offer services consistent with HIPAA obligations; other parts of the platform, including form blocks, cannot be part of a HIPAA-compliant solution.
PHI eligibility
PHI is permitted only within a HIPAA-enabled Acuity Scheduling account under a signed BAA. Keep PHI out of the core website builder, form blocks, email campaigns, and analytics.
SOC 2
Not publicly confirmed
Trust center
Sub-processors
Notes
BAA coverage is narrow: limited to Acuity Scheduling on eligible plans and does not extend to the rest of Squarespace. Marked plan_gated because a BAA exists but only for one gated product. SOC 2 not verified from a primary source.
Last verified 2026-05-31confidence: high· Vendor terms change — confirm directly with Squarespace before storing PHI.

Get notified when this changes

We track Squarespace's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.

One email per change. No newsletter, no selling your address.

How to request and sign a BAA with Squarespace

Sometimes — Squarespace signs a HIPAA BAA only on specific plans or add-ons.

Request routeSelf-serve — enable it in your account
  1. 1
    Get on a qualifying plan
    Squarespace offers a Business Associate Addendum only for its Acuity Scheduling product (HIPAA-enabled on Powerhouse or Premium plans). Squarespace's help docs state Acuity is the only Squarespace feature designed to offer services consistent with HIPAA obligations; other parts of the platform, including form blocks, cannot be part of a HIPAA-compliant solution.
  2. 2
    Request the Business Associate Agreement
    Squarespace lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account.
  3. 3
    Confirm what PHI is allowed before you store any
    PHI is permitted only within a HIPAA-enabled Acuity Scheduling account under a signed BAA. Keep PHI out of the core website builder, form blocks, email campaigns, and analytics. Match your configuration to this scope before putting protected health information into Squarespace.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Squarespace before you rely on it. This is cited public information, not legal advice.

Frequently asked questions

Does Squarespace sign a HIPAA Business Associate Agreement (BAA)?
Sometimes — Squarespace signs a HIPAA BAA only on specific plans or add-ons. Squarespace offers a Business Associate Addendum only for its Acuity Scheduling product (HIPAA-enabled on Powerhouse or Premium plans). Squarespace's help docs state Acuity is the only Squarespace feature designed to offer services consistent with HIPAA obligations; other parts of the platform, including form blocks, cannot be part of a HIPAA-compliant solution.
Is Squarespace HIPAA compliant?
Squarespace can be HIPAA-compliant only on the specific plans or add-ons where it will sign a Business Associate Agreement (BAA). PHI is permitted only within a HIPAA-enabled Acuity Scheduling account under a signed BAA. Keep PHI out of the core website builder, form blocks, email campaigns, and analytics.
Can you store PHI (protected health information) in Squarespace?
PHI is permitted only within a HIPAA-enabled Acuity Scheduling account under a signed BAA. Keep PHI out of the core website builder, form blocks, email campaigns, and analytics.
Is Squarespace SOC 2 certified?
We could not confirm a public SOC 2 report for Squarespace. SOC 2 is separate from a HIPAA BAA — confirm both directly with Squarespace.
How do I request a HIPAA BAA from Squarespace?
Squarespace lets you obtain the BAA without a sales call. Follow the path named in the plan requirement above — typically an in-product toggle or a billing / compliance settings page — then request and accept the agreement from your own account. Confirm current terms directly with Squarespace before storing PHI.
What plan do I need to sign a BAA with Squarespace?
Squarespace offers a Business Associate Addendum only for its Acuity Scheduling product (HIPAA-enabled on Powerhouse or Premium plans). Squarespace's help docs state Acuity is the only Squarespace feature designed to offer services consistent with HIPAA obligations; other parts of the platform, including form blocks, cannot be part of a HIPAA-compliant solution.

Sources

Acuity Scheduling and HIPAA — Squarespace Help Center
https://support.squarespace.com/hc/en-us/articles/360028867231-Acuity-Scheduling-and-HIPAA
Supports: Squarespace offers a BAA for Acuity Scheduling (Powerhouse/Premium plans); Acuity is the only Squarespace feature designed for HIPAA; other features cannot be part of a HIPAA-compliant solutiondated: 2026-01-20
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Squarespace before processing protected health information.

Check another vendor

WixBAA on select plansActiveCampaignBAA on select plansAcuity SchedulingBAA on select plansAdobe Acrobat SignBAA on select plansAircallSigns a BAAAirtableBAA on select plans

See all HIPAA compliant website builders & CMS
Browse all 105 vendors by category →