SaaS HIPAA, BAA, and SOC 2 Finder

Search vendors before HIPAA-regulated workflows. Review BAA signals, PHI risk, SOC 2 evidence, and safer alternatives to verify.

⌘K

Showing high-signal vendor profiles - type to filter the database

QuickBooks

HIPAA: Not HIPAA compliantSOC2: Verify with vendor

QuickBooks offers SOC 2 Type II compliance and can be HIPAA compliant with specific e...

Shopify

HIPAA: Not supported for PHISOC2: Public evidence

Shopify offers a robust security framework and SOC 2 compliance, but HIPAA compliance...

Zelle

HIPAA: Unable to confirmSOC2: Verify with participating bank

Zelle, as a peer-to-peer payment service, is generally not HIPAA compliant and does n...

Salesforce

HIPAA: ConditionalSOC2: Public evidence

Salesforce offers a robust security framework and achieves SOC 2 compliance, but HIPA...

Chime

HIPAA: Unable to confirmSOC2: Verify with vendor

Chime is a neobank primarily focused on consumer banking and does not generally offer...

Outlook

HIPAA: ConditionalSOC2: Yes

Outlook.live.com offers features and configurations that can support HIPAA compliance...

Google Calendar

HIPAA: ConditionalSOC2: Public evidence

Google Calendar, as part of Google Workspace, offers a strong security foundation and...

HubSpot

HIPAA: ConditionalSOC2: Public evidence

HubSpot offers robust security features and SOC 2 Type II compliance, but HIPAA compl...

Wix

HIPAA: ConditionalSOC2: Verify with vendor

Wix offers SOC 2 Type II compliance and can be made HIPAA compliant through specific ...

ChatGPT

HIPAA: ConditionalSOC2: Public evidence

ChatGPT demonstrates a strong commitment to security with SOC 2 Type II certification...

Pro Tools

HIPAA: ConditionalSOC2: Unknown

Pro Tools, while not inherently HIPAA compliant out-of-the-box, can be used in HIPAA-...

QuickBooks Desktop

HIPAA: Unable to confirmSOC2: Verify with vendor

QuickBooks Desktop offers features and Intuit provides a BAA for eligible enterprise ...

Explore HIPAA, BAA, and SOC 2 Research

Vendor profiles

HubSpot
HIPAA: Conditional | SOC 2: Public evidence
Shopify
HIPAA: Not supported for PHI | SOC 2: Public evidence
ChatGPT
HIPAA: Conditional | SOC 2: Public evidence
Wix
HIPAA: Conditional | SOC 2: Verify with vendor
QuickBooks Desktop
HIPAA: Unable to confirm | SOC 2: Verify with vendor
Klaviyo
HIPAA: Unable to confirm | SOC 2: Verify with vendor
Google Calendar
HIPAA: Conditional | SOC 2: Public evidence
Chime
HIPAA: Unable to confirm | SOC 2: Verify with vendor
QuickBooks
HIPAA: Not HIPAA compliant | SOC 2: Verify with vendor
Zelle
HIPAA: Unable to confirm | SOC 2: Verify with participating bank
Airtable
HIPAA: Conditional | SOC 2: Public evidence
AWS
HIPAA: Conditional | SOC 2: Public evidence

Compliance categories

Email and messaging
hipaa compliant email providers
CRM and marketing
hipaa compliant crm for small business
Forms and intake
hipaa compliant survey software
Calendar and scheduling
hipaa compliant online scheduling
Accounting and payments
is quickbooks hipaa compliant
AI chatbots
chatgpt soc2
Project management
hipaa compliant project management
Cloud and database
aws hipaa eligible services list
Security and GRC
best hipaa compliance software

AEO guides

What Is a Business Associate Agreement (BAA)?
AEO guide
Can You Store PHI in SaaS Tools?
AEO guide
SOC 2 vs PCI Compliance
AEO guide
HITECH Act vs HIPAA
AEO guide
How to Evaluate a HIPAA-Compliant App Builder
AEO guide
What Makes a Phone Number or Texting App HIPAA Compliant?
AEO guide
HIPAA Firewall Requirements for SaaS Teams
AEO guide