HIPAA & BAA ยท Cloud storage
Is Sync.com HIPAA compliant?
Yes. Sync.com will sign a BAA on request once you are on an eligible Pro Solo or Pro Teams plan.
Key facts
- BAA available: Yes โ with a signed BAA
- What it takes: Pro Solo Professional, Pro Solo Unlimited, or any Pro Teams plan
- Official source: Sync.com Help: Which plans are HIPAA compliant? โ https://help.sync.com/hc/en-us/articles/38275625592595-Which-plans-are-HIPAA-compliant (verified 2026-06)
How to use Sync.com in a HIPAA-compliant way
- Purchase an eligible plan (Pro Solo Professional, Pro Solo Unlimited, or a Pro Teams plan).
- Request the HIPAA BAA from Sync.com after purchase.
- Review and execute Sync's standard HIPAA BAA.
- Manage user access and sharing permissions for PHI within your team.
- Limit PHI sharing to legally authorized recipients.
Important caveats
- Free and Pro Solo Standard plans are not eligible.
- Sync uses end-to-end encryption (no unsecured PHI on its servers), but you control access.
- The covered entity is responsible for who can access PHI in Sync.
The bottom line
No software is "HIPAA compliant" on its own. HIPAA compliance is a property of your organization, not a tool. Even with a signed BAA, you remain responsible for configuring Sync.com correctly, limiting access to PHI, training staff, and maintaining your own safeguards. This page is general information, not legal advice; confirm current terms with Sync.com.
Frequently asked questions
Does Sync.com sign a BAA?
Yes. Pro Solo Professional, Pro Solo Unlimited, or any Pro Teams plan A signed BAA is required before any PHI is involved.
Is Sync.com HIPAA compliant out of the box?
No software is "HIPAA compliant" by itself. Even when Sync.com offers a BAA, you are responsible for signing it, configuring the product correctly, restricting access, and maintaining your own administrative, physical, and technical safeguards.
What should I check before using Sync.com with PHI?
Free and Pro Solo Standard plans are not eligible.
