HIPAA Business Associate Agreement (BAA)

The Health Insurance Portability and Accountability Act and its 2009 update Health Information Technology for Economic and Clinical Health (HITECH) Act (collectively, “HIPAA”) lay out privacy and security standards that protect the confidentiality of patients’ protected health information (PHI) in the United States. HIPAA applies to covered entities (health care providers, health plans, and health care clearinghouses) that create, receive, maintain, transmit, or access PHI. Specific HIPAA rules also apply to business associates of covered entities that perform certain functions involving PHI as part of providing services to the covered entity. 

HIPAA generally requires that covered entities and business associates enter into agreements with their business associates to ensure that the business associates will appropriately safeguard PHI. Zoom enters into business associate agreements (BAAs) with customers, including those in the higher education and healthcare industries, to facilitate their compliance with HIPAA. Similarly, Zoom also enters into agreements to enable compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Personal Health Information Protection Act (PHIPA) in Canada. 

For more information about how Zoom enables compliance with HIPAA, please review Zoom’s HIPAA Compliance Guide

Zoom for Healthcare

 

Zoom for Healthcare allows you to leverage Zoom Workplace while still enabling your privacy, security, and compliance goals. Zoom offers Pro, Business, Business Plus and Enterprise plans to customers in the healthcare space. Zoom also enters into BAAs with customers who are subscribed to other paid plans listed on Zoom’s Plans & Pricing page. More information about Zoom for Healthcare can be found here. 

Note: In addition to Zoom's subscription plans, custom pre-paid packages are available in 1-, 2-, and 3-year increments. Contact Sales for pricing.

AI Feature Availability Under BAA

AI features, including AI Companion features, are available to customers with BAAs in place with Zoom. Zoom provides account administrators and users with controls to manage AI features. Zoom does not use customers’ audio, video, chat, screen sharing, attachments or other communications like content (such as poll results, whiteboard and reactions) to train Zoom’s or its third party artificial intelligence models.

Certain AI Companion features may not be available at this time for healthcare and higher education customers with BAAs in place. 

How to Enter into a BAA with Zoom when Purchasing a Healthcare Plan

If purchasing Business, Business Plus or Enterprise plans, please contact Sales to sign a BAA with Zoom. If purchasing a Zoom Pro plan:

  1. On the Plans & Pricing page, select Healthcare in the dropdown menu.
  2. Click Buy Now.
  3. On the Checkout page, select United States Agreement (BAA) or Canada Agreement (PHIA) in the Select Business Country dropdown menu.
  4. Click Read Agreement. Please review the agreement and click I accept if you agree to the terms of the agreement. Once you execute a BAA with Zoom, no additional manual configuration is required.

How to Enter into a BAA with Zoom if You Already Have a Healthcare Plan

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Plans and Billing then Plan Management.
  3. Scroll down to the Discover our other popular products section and click view more products.
  4. Scroll down to Business Associate Agreement (US only). Click Enable.
    Note: Customers with a Canadian billing address may see options for a Personal Health Information Annex (PHIA) instead of a BAA.
  5. Please review the agreement and click Proceed if you accept the terms of the agreement. Once you execute a BAA with Zoom, no additional manual configuration is required.

How to Manage Your Existing BAA with Zoom

If you entered into a BAA with Zoom when purchasing your Healthcare plan or through Plan Management as described above, you can manage your existing BAA with Zoom:

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Plans and Billing then Plan Management.
  3. Navigate to the tile for your Business Associate Agreement (BAA).
    Note: Customers with a Canadian billing address may see options for a Personal Health Information Annex (PHIA) instead of a BAA.
  4. Click Manage. You can view the effective date for your BAA, review your BAA, or disable your BAA. 

For more information about signing a BAA with Zoom, please contact Sales.

This document is not intended as legal advice. Zoom’s customers are responsible for ensuring their use of Zoom’s services aligns with their obligations under HIPAA or other applicable laws. We encourage all customers to seek counsel on what their requirements are under applicable law in the jurisdictions in which they are using Zoom services.