
HIPAA BAA for AI Vendors: Which AI Tools Sign a BAA?

By BAA Generator Editorial  ·  Published Apr 20, 2026  ·  Last reviewed Apr 20, 2026  ·  8 min read

Key Takeaways

Quick answer: AI vendors that create, receive, maintain, or transmit PHI on behalf of a covered entity are HIPAA business associates under 45 CFR § 160.103. A signed BAA is required before any PHI can flow to them. The major foundation model providers — OpenAI, Anthropic, Google Cloud, Azure, and AWS — all offer BAAs, but only on specific enterprise or API plans. Consumer-tier subscriptions are never HIPAA eligible.

Healthcare organizations are adopting AI faster than their compliance programs can keep up. Clinical documentation assistants, diagnostic support tools, patient communication bots, and revenue cycle automation all touch protected health information — often without a BAA in place. This guide covers every major AI vendor category, their BAA status by plan tier, and the specific conditions that trigger the obligation.

Does an AI Tool Need a HIPAA BAA?

An AI tool needs a BAA if it qualifies as a business associate. Under 45 CFR § 160.103, a business associate is any entity that, on behalf of a covered entity, creates, receives, maintains, or transmits PHI. The analysis is function-based, not technology-based — the fact that a tool uses machine learning is irrelevant. What matters is whether PHI flows through it.

Three categories of AI tools routinely trigger the BAA requirement in healthcare settings:

The conduit exception at 45 CFR § 164.502(e)(1)(ii)(C) exempts vendors that only transmit PHI without accessing it — like a telecom carrier routing an encrypted HTTPS connection. AI vendors that process, store, or analyze data do not qualify for this exception.

AI Vendor BAA Status by Category

Foundation Model Providers (LLMs)

Vendor | BAA Available | Qualifying Plans | Non-Qualifying Plans
OpenAI | YES | API (Privacy Addendum), ChatGPT Enterprise | ChatGPT Free, Plus, Team
Anthropic | YES | API (DPA), Claude Enterprise | Claude.ai Free, Pro, Team
Azure OpenAI (Microsoft) | YES | All commercial Azure accounts (via Online Services Terms) | None — all commercial plans covered
Google Cloud (Vertex AI) | YES | All commercial GCP accounts (self-service in Console) | Gemini.google.com (consumer)
AWS (Bedrock, SageMaker) | YES | All commercial AWS accounts via AWS Artifact (HIPAA-eligible services list) | Non-eligible services outside the covered list
Cohere | CONTACT | Enterprise agreements only; no self-service BAA | Trial and standard API tiers
Hugging Face | NO | No BAA available on any plan as of 2026 | All plans

Developer Tools and Infrastructure

Vendor | BAA Available | Qualifying Plans | PHI Risk in Healthcare Apps
GitHub Copilot | YES | GitHub Enterprise (via Microsoft enterprise agreement) | Source code repositories can contain PHI in test fixtures, configs, or logs
Sentry | YES | Business and Enterprise plans | High — error events in health apps routinely capture patient IDs and session data
Datadog | YES | Enterprise plan only | High — APM traces and logs capture request parameters that may contain PHI

Analytics and Observability Platforms

Vendor | BAA Available | Qualifying Plans | PHI Risk in Healthcare Apps
Segment (Twilio) | YES | Business and Enterprise plans | High — event streams in patient-facing apps capture identifiers with every action
Mixpanel | YES | Enterprise plan only | Medium-High — user property tracking can capture clinical context
Amplitude | YES | Enterprise plan only; Growth and Plus plans have no BAA | Medium-High — same risk as Mixpanel in health app contexts
FullStory | YES | Enterprise plan only; requires privacy masking configuration | Very high — session replay captures every keystroke and field value by default
Hotjar | NO | No BAA on any plan | Very high — cannot be used on any healthcare app or portal that handles PHI

Why Consumer AI Plans Are Never HIPAA-Eligible

Consumer-tier subscriptions (ChatGPT Free, ChatGPT Plus, Claude.ai Pro, Gemini.google.com) explicitly exclude healthcare use in their terms of service and do not offer BAAs. The practical reasons are structural: these plans share infrastructure across millions of users, have no enterprise controls for data isolation, and operate under consumer privacy policies rather than HIPAA-aligned data processing terms.

Switching from the free web interface to the API changes the risk profile: API calls operate under separate enterprise terms, data is not used for training by default (subject to the specific agreement), and the vendor will execute a BAA. The technical experience feels the same; the contractual and compliance posture is entirely different.

If your organization's staff are using consumer ChatGPT or Claude.ai to process patient notes or records — even internally — that is a HIPAA violation regardless of any internal policy or acknowledgment screen.

Observability Tools: The Overlooked BAA Gap

Error monitoring and APM tools are the business associates most commonly missed in healthtech BAA inventories. In a standard web application, a Sentry error event might capture:

None of this is intentional — it is the default behavior of error monitoring SDKs. The PHI exposure is often invisible until an OCR audit uncovers it. Sentry, Datadog, and similar tools offer data scrubbing configurations that can reduce PHI exposure, but these configurations do not eliminate the BAA requirement: if PHI has ever flowed through the tool, the vendor is a business associate.
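As an added example (not code from BAA Generator or from Sentry), the scrubbing the paragraph refers to can be implemented as a `before_send` hook that blanks PHI-bearing fields before an event leaves the process; the event layout mirrors Sentry's event payload, while the set of keys treated as PHI and the sample event are assumptions constructed for this demo. The hook reduces what reaches the vendor; as the text says, it does not replace the BAA.

```python
"""Added example: a Sentry ``before_send`` hook that scrubs PHI from an error
event. Wire it up with:
    sentry_sdk.init(dsn=..., before_send=scrub_phi_event, send_default_pii=False)
"""
import re

# Keys whose values are replaced wherever they appear (assumed set; extend per app).
PHI_KEYS = {"patient_id", "mrn", "dob", "date_of_birth", "ssn", "diagnosis",
            "patient_name", "email", "phone"}
# URL paths that embed a patient identifier, e.g. /patients/884213/labs.
_PATIENT_PATH = re.compile(r"(/patients?/)[A-Za-z0-9-]+")
REDACTED = "[REDACTED]"


def _scrub(obj):
    """Return a scrubbed copy: PHI keys blanked, patient ids stripped from strings."""
    if isinstance(obj, dict):
        return {k: (REDACTED if str(k).lower() in PHI_KEYS else _scrub(v))
                for k, v in obj.items()}
    if isinstance(obj, list):
        return [_scrub(v) for v in obj]
    if isinstance(obj, str):
        return _PATIENT_PATH.sub(r"\1" + REDACTED, obj)
    return obj


def scrub_phi_event(event, hint=None):
    """before_send hook. Returns a new event (never None, so errors still ship)."""
    out = dict(event)  # shallow copy; the sections below are rebuilt, not mutated
    for section in ("message", "request", "extra", "contexts", "tags", "breadcrumbs"):
        if section in out:
            out[section] = _scrub(out[section])
    # In a patient portal the authenticated user *is* the patient: drop the block.
    out.pop("user", None)
    return out


SAMPLE_EVENT = {  # constructed event, not real data
    "message": "ValueError in lab result parser",
    "request": {"url": "https://portal.example/patients/884213/labs",
                "data": {"mrn": "884213", "panel": "CBC"}},
    "user": {"id": "884213", "email": "jane@example.org"},
    "extra": {"patient_name": "Jane Doe", "attempt": 2},
    "breadcrumbs": {"values": [{"category": "http",
                                "data": {"url": "/patients/884213/notes"}}]},
}

if __name__ == "__main__":
    print(scrub_phi_event(SAMPLE_EVENT))
```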

What to Do When an AI Vendor Won't Sign a BAA

If an AI vendor will not sign a BAA, you have three options:

  1. Present your own BAA template. Vendors who don't proactively offer a BAA will often sign one you provide. Use a BAA structured around 45 CFR § 164.504(e) — generate one at BAA Generator for $49 and send it to the vendor's legal or compliance team.
  2. De-identify data before sending. Under 45 CFR § 164.514(b), properly de-identified data is no longer PHI and does not trigger the BAA requirement. This is technically feasible for some AI use cases (removing the 18 HIPAA identifiers before sending to a summarization API) but difficult for others (clinical documentation where patient context is essential).
  3. Switch to a HIPAA-eligible alternative. For every major AI vendor category, a HIPAA-eligible alternative exists. The table above identifies qualifying plans and alternatives in each category.
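
The de-identification step in option 2, as an added example that is not part of the original page: a pre-filter that strips the pattern-detectable Safe Harbor identifiers (dates reduced to year, ages over 89, SSNs, phone numbers, e-mail addresses, MRN-style record numbers, ZIP codes) from a clinical note before it is sent to a summarization API. Names, street addresses and the other 45 CFR § 164.514(b)(2) items need a dictionary or NER pass plus review, so this is a gate in front of the API call, not a complete de-identifier; the regexes and the sample note are assumptions constructed here.

```python
"""Added example: Safe Harbor style pre-filter for free-text clinical notes."""
import re

# More specific patterns run first so an MRN is labelled as such rather than
# being caught by the generic five-digit ZIP rule.
_RULES = [
    ("SSN",   re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("PHONE", re.compile(r"(?:\+1[ -]?)?(?:\(\d{3}\)|\b\d{3})[ -.]?\d{3}[ -.]?\d{4}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
    ("MRN",   re.compile(r"\bMRN[:# ]*\d{5,}\b", re.IGNORECASE)),
    ("ZIP",   re.compile(r"\b\d{5}(?:-\d{4})?\b")),
]
# Full dates are identifiers; Safe Harbor permits the year alone.
_DATE = re.compile(r"\b(\d{1,2})/(\d{1,2})/(\d{4})\b")
# Ages over 89 must be aggregated into a single 90+ category.
_AGE_OVER_89 = re.compile(r"\b(?:9\d|[1-9]\d{2})[ -]?(?:years?[ -]old|yo|y/o)\b",
                          re.IGNORECASE)


def safe_harbor_prefilter(note: str) -> tuple[str, dict]:
    """Return (redacted_note, counts) so the caller can log what was removed
    and decide whether the note is safe to forward."""
    counts = {}
    text, n = _DATE.subn(lambda m: m.group(3), note)  # keep the year only
    if n:
        counts["DATE"] = n
    text, n = _AGE_OVER_89.subn("[AGE 90+]", text)
    if n:
        counts["AGE"] = n
    for label, rx in _RULES:
        text, n = rx.subn(f"[{label}]", text)
        if n:
            counts[label] = n
    return text, counts


SAMPLE_NOTE = (  # constructed note, not real patient data
    "Pt Jane Doe, MRN 0048812, DOB 03/14/1931, 93-year-old female, seen 04/02/2026. "
    "Callback 555-123-4567, email jane.doe@example.org, ZIP 02139. SSN 123-45-6789 on file."
)

if __name__ == "__main__":
    redacted, removed = safe_harbor_prefilter(SAMPLE_NOTE)
    print(redacted)
    print(removed)  # note that the patient's name survives: a regex gate is not enough
```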

There is no fourth option. Using an AI vendor that processes PHI without a signed BAA is a direct HIPAA violation — not a gray area, and not fixed retroactively by de-identifying data after the fact.

How to Generate a BAA for Your AI Vendor

If your AI vendor will sign a BAA but expects you to provide the document, BAA Generator produces a HIPAA-compliant agreement in under 5 minutes:

  1. Enter your organization's details as the Covered Entity (or Business Associate, if you are a healthtech company)
  2. Enter the AI vendor's details as the Business Associate
  3. Describe the services and the PHI types involved (e.g., "AI-assisted clinical note summarization" / "patient names, DOBs, diagnoses")
  4. Download the free sample-data preview to review, or pay $49 for the clean PDF + Word (.docx) with your actual party information to execute
  5. Route through DocuSign, Adobe Sign, or any e-signature platform — electronic signatures are valid under ESIGN and UETA

Generate a BAA for Your AI Vendor

Built on official HHS model provisions. Free sample-data preview or $49 clean copy with your actual party data + editable Word file. No account required.


Frequently Asked Questions

Do AI tools need a HIPAA BAA?

Yes — if an AI tool creates, receives, maintains, or transmits PHI on behalf of a covered entity, it is a business associate and a BAA is required under 45 CFR § 164.504(e). This applies to LLM APIs, analytics tools, error monitoring services, and observability platforms when healthcare app data contains PHI.

Does OpenAI sign a HIPAA BAA?

Yes — for API customers (via the Privacy Addendum) and ChatGPT Enterprise. ChatGPT Free, Plus, and Team plans are not eligible. See the full OpenAI HIPAA BAA guide.

Does Anthropic sign a HIPAA BAA?

Yes — for Claude Enterprise and qualifying API customers with a Data Processing Addendum. Claude.ai Free, Pro, and Team plans are not HIPAA eligible. See the full Anthropic HIPAA BAA guide.

Can I use Google Gemini or Vertex AI with PHI?

Google Cloud (Vertex AI, Healthcare AI APIs) signs a HIPAA BAA for all commercial GCP accounts via self-service in the GCP Console. Consumer Gemini at gemini.google.com is not HIPAA eligible. See the full Google Cloud HIPAA BAA guide.

Do observability tools like Sentry or Datadog need a HIPAA BAA?

Yes, if your error logs or traces contain PHI. In healthcare apps, stack traces and API logs frequently capture patient identifiers. Sentry requires a Business or Enterprise plan; Datadog requires Enterprise. See the Sentry and Datadog guides.

What if my AI vendor won't sign a HIPAA BAA?

You must either present your own BAA template for them to sign, de-identify data before sending, or switch to a HIPAA-eligible alternative. You cannot route PHI through a vendor without a signed BAA — there is no compliant workaround. See the full guide on what to do when a vendor won't sign a BAA.
