Is Trello HIPAA compliant?
No BAANot for PHISOC 2 Type II
Will Trello sign a HIPAA BAA?
No — Trello does not sign a HIPAA Business Associate Agreement (BAA).
Atlassian does not sign a BAA covering Trello because Trello's Terms of Service prohibit processing sensitive personal information; Trello is omitted from Atlassian's HIPAA-qualified product list.
PHI eligibility
PHI may not be stored in Trello; uploading PHI violates both HIPAA (no BAA) and Atlassian's Terms of Service and may result in suspension.
SOC 2
SOC 2 Type II
Trust center
Sub-processors
Notes
Trello is part of Atlassian but explicitly excluded from HIPAA BAA coverage (unlike Jira/Confluence).
Get notified when this changes
We track Trello's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.
How to request and sign a BAA with Trello
No — Trello does not sign a HIPAA Business Associate Agreement (BAA).
There is no BAA to request — Trello will not sign one. Atlassian does not sign a BAA covering Trello because Trello's Terms of Service prohibit processing sensitive personal information; Trello is omitted from Atlassian's HIPAA-qualified product list.
Need a vendor in this space that does? See which HIPAA compliant project management software sign a BAA →
Before you sign — watch for
- A signed BAA here does NOT clear you to deliberately store PHI — the vendor still restricts intentional PHI collection or how it may be used. Confirm the exact scope.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Trello before you rely on it. This is cited public information, not legal advice.
Frequently asked questions
Does Trello sign a HIPAA Business Associate Agreement (BAA)?
No — Trello does not sign a HIPAA Business Associate Agreement (BAA). Atlassian does not sign a BAA covering Trello because Trello's Terms of Service prohibit processing sensitive personal information; Trello is omitted from Atlassian's HIPAA-qualified product list.
Is Trello HIPAA compliant?
Trello is not HIPAA-ready: it does not sign a Business Associate Agreement (BAA), so you cannot use it to process protected health information (PHI). PHI may not be stored in Trello; uploading PHI violates both HIPAA (no BAA) and Atlassian's Terms of Service and may result in suspension.
Can you store PHI (protected health information) in Trello?
PHI may not be stored in Trello; uploading PHI violates both HIPAA (no BAA) and Atlassian's Terms of Service and may result in suspension.
Is Trello SOC 2 certified?
Trello reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from Trello?
You can't — Trello does not sign a HIPAA Business Associate Agreement. Atlassian does not sign a BAA covering Trello because Trello's Terms of Service prohibit processing sensitive personal information; Trello is omitted from Atlassian's HIPAA-qualified product list.
What plan do I need to sign a BAA with Trello?
Trello does not offer a BAA on any plan, so no plan qualifies. Atlassian does not sign a BAA covering Trello because Trello's Terms of Service prohibit processing sensitive personal information; Trello is omitted from Atlassian's HIPAA-qualified product list.
Sources
https://www.atlassian.com/trust/compliance/resources/hipaa
https://www.hipaajournal.com/is-trello-hipaa-compliant/
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Trello before processing protected health information.
Check another vendor
See all HIPAA compliant project management software →
Browse all 105 vendors by category →