Is Fireflies.ai HIPAA compliant?
Conditionally. Fireflies.ai signs a BAA, but only on the Enterprise plan and only when Private Storage is also enabled — both are required.
Key facts
- BAA available: Conditionally — on specific plans
- What it takes: Enterprise plan + Private Storage enabled
- Official source: Fireflies.ai — HIPAA — https://fireflies.ai/hipaa (verified 2026-06)
How to use Fireflies.ai in a HIPAA-compliant way
- Be on the Fireflies.ai Enterprise plan.
- Request the HIPAA-compliant version and BAA from Fireflies sales.
- Enable Private Storage (dedicated, isolated data infrastructure).
- Execute the BAA; HIPAA is active only when both Private Storage and the BAA are in place.
- Maintain both components — removing either immediately disables HIPAA status.
Important caveats
- HIPAA is Enterprise-only; non-Enterprise plans cannot store PHI.
- Private Storage AND a signed BAA are both mandatory — one without the other does not enable HIPAA.
- The HIPAA-compliant version is available by request, not self-serve.
The bottom line
No software is "HIPAA compliant" on its own. HIPAA compliance is a property of your organization, not a tool. Even with a signed BAA, you remain responsible for configuring Fireflies.ai correctly, limiting access to PHI, training staff, and maintaining your own safeguards. This page is general information, not legal advice; confirm current terms with Fireflies.ai.
Frequently asked questions
Does Fireflies.ai sign a BAA?
On specific plans: Enterprise plan + Private Storage enabled. A signed BAA is required before any PHI is involved.
Is Fireflies.ai HIPAA compliant out of the box?
No software is "HIPAA compliant" by itself. Even when Fireflies.ai offers a BAA, you are responsible for signing it, configuring the product correctly, restricting access, and maintaining your own administrative, physical, and technical safeguards.
What should I check before using Fireflies.ai with PHI?
HIPAA is Enterprise-only; non-Enterprise plans cannot store PHI.