BAA Generator
HomeResourcesDoes Zoom Sign a HIPAA BAA?
Vendor BAA Guide

Does Zoom Sign a HIPAA Business Associate Agreement?

By BAA Generator Editorial  ·  Published Apr 19, 2026  ·  Last reviewed Apr 19, 2026  ·  5 min read

Key Takeaways

Direct answer: Yes — Zoom offers a HIPAA Business Associate Agreement for healthcare customers on Zoom for Healthcare and eligible Business/Enterprise plans. The BAA is not automatic — you must request it through Zoom's healthcare compliance process and enable HIPAA mode in your account settings. Free Zoom accounts cannot be used for telehealth involving PHI.

Telehealth has made Zoom one of the most important platforms in modern healthcare delivery. But Zoom's default configuration is not HIPAA compliant — specific steps are required to bring it into compliance for PHI handling. Here's exactly what you need to know.

Which Zoom Plans Support HIPAA Compliance?

Zoom's HIPAA BAA is available for:

Not supported: Zoom Basic (free), Zoom Pro (individual paid plan). These plans do not qualify for HIPAA compliance and should never be used for telehealth sessions involving PHI.

How to Get Zoom's HIPAA BAA

Zoom does not automatically provide a BAA when you sign up for an eligible plan. You must:

  1. Purchase a qualifying Zoom plan (Zoom for Healthcare, Business, or Enterprise)
  2. Contact Zoom through their HIPAA BAA request process (available in Zoom's Trust Center or through your account representative)
  3. Sign the BAA — Zoom will provide the document for your signature
  4. Enable HIPAA mode in your Zoom Admin Portal under Account Management > Account Settings > Security

HIPAA mode is not active by default, even on qualifying plans. Both the BAA and HIPAA mode configuration are required for compliant use.

What HIPAA Mode Disables on Zoom

When HIPAA mode is activated, Zoom disables features that could expose PHI to third-party AI processing or unauthorized storage:

These trade-offs are important to understand before switching to HIPAA mode — some productivity features your staff relies on will be unavailable.

What Zoom's BAA Covers

Zoom's HIPAA BAA governs how Zoom handles PHI transmitted or stored through Zoom's systems. It covers:

Zoom's BAA covers Zoom's platform. Your organization still needs BAAs with any other vendors that access PHI stored or transmitted through Zoom.

Need a BAA for another vendor?

Generate HIPAA-compliant Business Associate Agreements for your billing company, IT provider, cloud storage, and more — free to start.

Generate BAA for Free →