Does Zoom for Healthcare Sign a HIPAA Business Associate Agreement?
By BAA Generator Research Team · Published Apr 20, 2026 · Last reviewed Apr 20, 2026 · 4 min read
Key Takeaways
- ✓ Yes — Zoom for Healthcare is Zoom's HIPAA-compliant tier and includes a BAA
- ✗ Standard Zoom plans (Free, Pro, Business) do NOT include a BAA — they cannot be used for telehealth involving PHI
- ✓ COVID-19 telehealth enforcement waivers have expired — standard Zoom is no longer permissible for PHI
- ✓ Zoom for Healthcare adds audit logging, enhanced access controls, and HIPAA-appropriate configuration
During the COVID-19 pandemic, HHS issued enforcement discretion allowing providers to use consumer video platforms for telehealth without fully compliant BAAs in place. Those waivers have expired. Any healthcare provider conducting telehealth visits now must use a HIPAA-compliant platform with a signed BAA — and standard Zoom does not qualify. Zoom for Healthcare is the compliant solution.
Zoom Plan Coverage for HIPAA BAA
| Plan | Price | BAA Available? |
|---|---|---|
| Zoom Free | Free | No BAA — not for telehealth |
| Zoom Pro | $14.99/mo | No BAA — not for telehealth |
| Zoom Business | $19.99/seat/mo | No BAA — not for telehealth |
| Zoom for Healthcare | Annual contract (contact sales) | Yes — BAA included |
| Zoom One Business Plus with Healthcare add-on | Annual contract (contact sales) | Yes — BAA included |
What Zoom for Healthcare Adds Over Standard Zoom
Zoom for Healthcare is not just standard Zoom with a BAA attached. It includes specific compliance features that standard plans lack:
- Business Associate Agreement — executed during onboarding; standard plans have no BAA
- Enhanced audit logging — comprehensive session logs required by HIPAA's audit control safeguards
- Access controls — waiting room enforcement, host controls, and session authentication features appropriate for patient encounters
- HIPAA-appropriate defaults — certain AI features and third-party integrations that could expose PHI are disabled by default
- Dedicated compliance support — access to Zoom's healthcare compliance team for implementation guidance
The COVID Waiver Problem: What Many Providers Miss
A significant compliance risk for practices is continuing to use standard Zoom for telehealth post-waiver expiration. During the public health emergency, HHS's Office for Civil Rights stated it would exercise enforcement discretion for providers using consumer video tools in good faith for telehealth. When that waiver expired, providers were expected to transition to compliant platforms.
Many small practices did not make this transition. If your practice has been using a standard Zoom account for patient visits after the waiver period, you have been operating without a BAA for those sessions — a HIPAA violation for each visit that involved PHI disclosure. The risk is compounded by the volume of encounters over time.
How to Get Zoom for Healthcare
Zoom for Healthcare is not available through Zoom's self-service signup process:
- Contact Zoom's sales team and specifically request the Zoom for Healthcare plan
- Provide your organization's information and healthcare use case
- Execute the Zoom for Healthcare annual subscription agreement, which includes the HIPAA BAA
- Complete HIPAA configuration during onboarding with Zoom's healthcare support team
The BAA is executed as part of the Healthcare plan contract, not as a separate document you must chase after signing up. This makes it simpler than some other platforms where the BAA is an optional addendum.
For a detailed look at standard Zoom's HIPAA status, see our Zoom HIPAA BAA guide. For practices building a compliant telehealth stack, see our guide on HIPAA BAAs for telehealth.
Frequently Asked Questions
Does Zoom for Healthcare include a HIPAA BAA?
Yes — Zoom for Healthcare includes a HIPAA BAA executed during the onboarding process. It is Zoom's dedicated HIPAA-compliant product tier. Standard Zoom plans (Free, Pro, Business) do not include a BAA.
What is the difference between Zoom and Zoom for Healthcare?
Zoom for Healthcare adds a Business Associate Agreement, enhanced audit logging, HIPAA-appropriate access controls, and compliant defaults to the Zoom platform. Standard Zoom lacks these features and the BAA required for legal telehealth use. Zoom for Healthcare requires an annual contract.
Can I use standard Zoom for telehealth?
No — standard Zoom plans (Free, Pro, Business) do not include a HIPAA BAA and cannot be used for telehealth sessions involving PHI. The COVID-19 enforcement waivers have expired. Any telehealth use involving PHI requires a BAA-covered platform.
How much does Zoom for Healthcare cost?
Zoom for Healthcare is priced on an annual contract basis. Pricing varies by seat count and feature configuration. Contact Zoom sales for current Healthcare tier pricing. It is generally priced higher than standard Business plans due to the added compliance infrastructure and BAA coverage.
More vendor BAA guides
Generate a compliant BAA in 5 minutes
HHS model BAA provisions · 45 CFR § 164.504(e) compliant · clean PDF + editable Word
No subscription · PDF + Word · Free watermarked preview