Is Twilio HIPAA compliant?
BAA on select plansPHI with conditionsSOC 2 Type II
Will Twilio sign a HIPAA BAA?
Sometimes — Twilio signs a HIPAA BAA only on specific plans or add-ons.
Twilio signs a Business Associate Addendum, but only customers on the Security Edition or Enterprise Edition are eligible, and only HIPAA-Eligible Products and Services may carry PHI.
PHI eligibility
PHI may be processed only on Twilio's designated HIPAA-eligible products with a signed BAA on a Security/Enterprise Edition account; non-eligible products and trial accounts must not carry PHI.
SOC 2
SOC 2 Type II
Trust center
Sub-processors
Notes
The eligible-products list is maintained on a separate Twilio doc that updates over time; verify the specific product/feature is in scope.
Get notified when this changes
We track Twilio's BAA and HIPAA status. Leave your email and we'll send one note if the verdict on this page changes.
How to request and sign a BAA with Twilio
Sometimes — Twilio signs a HIPAA BAA only on specific plans or add-ons.
Request routeBy request — via trust center or support
- 1Get on a qualifying planTwilio signs a Business Associate Addendum, but only customers on the Security Edition or Enterprise Edition are eligible, and only HIPAA-Eligible Products and Services may carry PHI.
- 2Request the Business Associate AgreementTwilio provides the BAA on request. Open a request through Twilio's trust center and ask for the current Business Associate Agreement covering your plan.
- 3Confirm what PHI is allowed before you store anyPHI may be processed only on Twilio's designated HIPAA-eligible products with a signed BAA on a Security/Enterprise Edition account; non-eligible products and trial accounts must not carry PHI. Match your configuration to this scope before putting protected health information into Twilio.
Last verified 2026-05-31 · Plan tiers and BAA terms change often — confirm the current process directly with Twilio before you rely on it. This is cited public information, not legal advice.
Frequently asked questions
Does Twilio sign a HIPAA Business Associate Agreement (BAA)?
Sometimes — Twilio signs a HIPAA BAA only on specific plans or add-ons. Twilio signs a Business Associate Addendum, but only customers on the Security Edition or Enterprise Edition are eligible, and only HIPAA-Eligible Products and Services may carry PHI.
Is Twilio HIPAA compliant?
Twilio can be HIPAA-compliant only on the specific plans or add-ons where it will sign a Business Associate Agreement (BAA). PHI may be processed only on Twilio's designated HIPAA-eligible products with a signed BAA on a Security/Enterprise Edition account; non-eligible products and trial accounts must not carry PHI.
Can you store PHI (protected health information) in Twilio?
PHI may be processed only on Twilio's designated HIPAA-eligible products with a signed BAA on a Security/Enterprise Edition account; non-eligible products and trial accounts must not carry PHI.
Is Twilio SOC 2 certified?
Twilio reports a SOC 2 Type II attestation according to its public security documentation.
How do I request a HIPAA BAA from Twilio?
Twilio provides the BAA on request. Open a request through Twilio's trust center and ask for the current Business Associate Agreement covering your plan. Confirm current terms directly with Twilio before storing PHI.
What plan do I need to sign a BAA with Twilio?
Twilio signs a Business Associate Addendum, but only customers on the Security Edition or Enterprise Edition are eligible, and only HIPAA-Eligible Products and Services may carry PHI.
Sources
https://www.twilio.com/en-us/hipaa
This page is cited public information, not legal or compliance advice. A BAA's availability can depend on your specific plan, region, and contract. Always confirm current terms with Twilio before processing protected health information.
Check another vendor
See all HIPAA compliant transactional email & messaging APIs →
Browse all 105 vendors by category →