HIPAA & BAA ยท E-signature / documents
Is PandaDoc HIPAA compliant?
Conditionally. PandaDoc will sign a BAA for annual Business or Enterprise plan customers, enabling HIPAA-compliant document and eSignature workflows.
Key facts
- BAA available: Conditionally โ on specific plans
- What it takes: Annual Business or Enterprise plan (Enterprise customers with five or more seats)
- Official source: PandaDoc HIPAA Compliant Software โ https://www.pandadoc.com/hipaa/ (verified 2026-06)
How to use PandaDoc in a HIPAA-compliant way
- Move to an annual Business or Enterprise PandaDoc plan (Enterprise typically requires five or more seats).
- Contact PandaDoc sales to request and execute the Business Associate Agreement.
- Enable/confirm HIPAA-supporting features (encryption, access controls, audit trails) for your account.
- Configure user-level permissions so only authorized staff access PHI documents.
- Limit PHI to covered workflows once the BAA is active.
Important caveats
- Lower-tier or monthly plans are not eligible for a BAA.
- HIPAA capability is often quoted as a custom/add-on arrangement depending on seats and features.
- Signing a BAA does not by itself make your overall workflow compliant; your own controls still apply.
The bottom line
No software is "HIPAA compliant" on its own. HIPAA compliance is a property of your organization, not a tool. Even with a signed BAA, you remain responsible for configuring PandaDoc correctly, limiting access to PHI, training staff, and maintaining your own safeguards. This page is general information, not legal advice; confirm current terms with PandaDoc.
Frequently asked questions
Does PandaDoc sign a BAA?
On specific plans. Annual Business or Enterprise plan (Enterprise customers with five or more seats) A signed BAA is required before any PHI is involved.
Is PandaDoc HIPAA compliant out of the box?
No software is "HIPAA compliant" by itself. Even when PandaDoc offers a BAA, you are responsible for signing it, configuring the product correctly, restricting access, and maintaining your own administrative, physical, and technical safeguards.
What should I check before using PandaDoc with PHI?
Lower-tier or monthly plans are not eligible for a BAA.
