The honest answer is: it depends which ChatGPT, and the default answer is no. The version of ChatGPT most people mean — the consumer app on a Free or Plus account — is not HIPAA-compliant, and OpenAI will not sign a BAA to make it one.[1] Other OpenAI products can be brought under a BAA. But a signed BAA is the floor of a compliant deployment, not the ceiling, and the gap between the two is where regulated teams get into trouble.
Usage is already moving ahead of official policy. In a 2024 AMA survey, 66% of physicians reported using some form of AI in their practice, often for clinical documentation and administrative tasks,[5] and a 2024 BMJ survey of UK GPs found roughly one in five already using generative AI tools such as ChatGPT for work.[6]
This post answers the specific yes/no question head-on. If you want the broader case for why a general-purpose AI tool falls short of regulated work, we cover that separately.
The short answer, by product
“ChatGPT” is not one product, and HIPAA status varies across the lineup.
Consumer ChatGPT (Free, Plus, Pro, Team): not compliant. OpenAI does not offer a BAA for these tiers.[1] This includes the ChatGPT Team plan; despite being a business-oriented tier, OpenAI explicitly excludes it from BAA eligibility. Without a BAA, sending protected health information (PHI) to one of these accounts is a disclosure to an uncovered vendor — a HIPAA violation regardless of how good the output is.
The OpenAI API platform: can be covered. OpenAI will sign a BAA for the API, and you do not need an enterprise contract to request one — you email OpenAI directly.[1] The BAA covers eligible API endpoints, and OpenAI conditions API coverage on zero data retention for the requests in scope.[1]
ChatGPT Enterprise and Edu: can be covered, conditionally. OpenAI will enter a BAA for ChatGPT Enterprise or Edu, but only for accounts managed through its sales team.[1] A self-serve upgrade to a paid tier does not get you there.
ChatGPT for Healthcare: built for it. In January 2026 OpenAI launched ChatGPT for Healthcare, an enterprise product for hospitals and clinics, with a BAA available for qualifying healthcare organizations.[2]
So “is ChatGPT HIPAA-compliant” has no single answer. The product a clinician already has open in a browser tab is almost always the consumer one — and that one is not.
What a BAA is, and why “they’ll sign one” is not the finish line
A Business Associate Agreement is a contract HIPAA requires between a covered entity (a healthcare provider, health plan, or clearinghouse) and any vendor that creates, receives, maintains, or transmits PHI on its behalf.[3] The BAA binds the vendor to safeguard the data, restrict its use, report breaches, and return or destroy PHI when the arrangement ends.[3]
Two things follow that teams routinely miss.
First, a BAA covers the services named in it — not the vendor’s whole catalog. A BAA for the OpenAI API does not cover a staff member who pastes a chart note into ChatGPT Plus on the same laptop. The signature exists; the data flow is outside it.
Second, a BAA is a contractual promise, not a technical control. It obligates the vendor to handle PHI correctly. It does not give your organization the ability to enforce its own policies on what gets sent, who can send it, or what happens to the record afterward. HIPAA still requires you to implement access controls and audit controls on your side of the line.[4] A BAA does not do that work for you. (We go deeper on this in what a BAA actually covers when you use AI.)
The common failure mode: the personal account on the same device
The single most frequent way a “compliant” ChatGPT deployment becomes non-compliant has nothing to do with the contract. It is staff using a personal account.
A practice signs a sales-managed ChatGPT Enterprise agreement with a BAA. The compliance box is checked. Then a clinician, mid-workflow, opens ChatGPT in a private browser window logged into their own Plus account — because it is faster, or because they are at home, or because they did not register that the two are different products. The conversation in the personal account is outside the BAA. PHI just left the covered environment.
This is not a hypothetical edge case. It is the predictable result of compliance living in a contract rather than in the tool. If the only thing standing between covered and uncovered use is whether a user remembers which account they are in, the control is not a control. It is a hope.
The same problem shows up with browser extensions, mobile apps, and copy-paste habits. A clinician who drafts a note in a covered tool and then pastes it into a personal account to “rephrase it” has moved PHI across the line in a way no contract anticipated. The covered product can be configured perfectly and still sit next to an uncovered one a click away. Closing that gap is an organizational and technical problem — device policy, account management, and a tool that does not have a consumer twin — not something the BAA addresses.
Beyond the BAA: what a compliant deployment actually requires
Assume you have the right OpenAI product and a signed BAA covering it. You are still not done. A deployment that holds up under scrutiny needs four things the BAA itself does not provide.
Scope that matches the real data path. The BAA has to cover the way the tool is actually used. If the agreement names the API but your team works in a chat interface, or names ChatGPT Enterprise but staff also use the API, the uncovered path is a live exposure.
A clear answer on who processes the data at inference. With a direct OpenAI BAA, OpenAI is the processor — that part is clean. It gets murkier when you buy AI from a third-party tool that routes prompts to OpenAI behind the scenes. Then you need a BAA chain that reaches all the way to whoever runs the model, with no gap in the middle.
Training-data and retention settings that are configured, not assumed. OpenAI states that content from ChatGPT for Healthcare is not used to train models,[2] and its API BAA path is tied to zero data retention.[1] Those are the right defaults for the covered products — but you still have to confirm your specific account is on them, in writing, rather than trusting that the marketing page describes your contract.
An audit trail that meets the regulatory bar. HIPAA’s Audit Controls standard — 45 CFR 164.312(b) — requires mechanisms that record and examine activity in systems containing PHI.[4] Conversation history in a chat product is not that. It is not tamper-evident, it is not tied to verified identities at the level a regulator expects, and it is retained under the vendor’s policy rather than yours. If an investigator asks who submitted a particular prompt containing a patient’s diagnosis, and when, a list of chat threads is not an answer that survives scrutiny. (We break down what a compliance-grade AI audit trail looks like in detail.)
The order these four things are addressed matters. A team that signs the BAA first and treats access controls and audit as a later project has, in the interim, a deployment that looks compliant on paper and is not in practice. The four requirements are not a sequence — they have to hold at the same time, before real PHI moves through the tool.
Being fair to ChatGPT
None of this means ChatGPT is a bad tool. It is a genuinely capable one, and OpenAI’s healthcare-specific launch shows the company is investing in the controls regulated buyers ask for.[2] A team that buys the right product, signs the BAA, and builds the access controls and audit trail around it can run a defensible deployment.
The point is the distance between “useful” and “compliant.” A clinician who opens the consumer app and finds it helpful has tested usefulness. They have not tested whether the deployment is covered, whether the data path matches the contract, or whether they could reconstruct who saw what if a regulator asked. Those are separate questions, and a smooth chat experience answers none of them.
The same logic applies to other general-purpose assistants — the question “is Claude HIPAA-compliant” has the same shape of answer, and the same gap between a signed BAA and a deployment you can defend.
How a purpose-built platform closes the gap
The difference between general-purpose AI and a platform built for regulated work is not the model — it is everything around the model.
HASP is a HIPAA-ready AI platform that puts the compliance layer in the tool rather than in a contract you hope people remember. A BAA is included on every paid plan, and HASP holds BAAs directly with its BAA-covered inference providers — so your one agreement with HASP covers the full inference path, with no chain to assemble yourself. Every prompt is checked for PHI before it reaches a model, and your organization sets the policy: allow PHI through under the BAA, redact it before it reaches a provider, or block it. HASP owns and operates that scanning itself rather than handing it to a third party.
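As an added illustration of the allow / redact / block gate described above (example code written for this page, not HASP's own implementation), here is a minimal pre-inference gate in Go. The four regular expressions, the identifier classes, the sample prompt and the patient details in it are all constructed assumptions. A production scanner needs far broader coverage, and the example deliberately shows one of its own gaps: the free-text patient name it does not catch.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Policy is the organization's rule for prompts that contain PHI.
type Policy int

const (
	Allow  Policy = iota // forward as-is; defensible only when the model provider is under the BAA
	Redact               // replace each identifier with a placeholder before forwarding
	Block                // refuse the request
)

// detector pairs an identifier class with its pattern. These four patterns are
// illustrative assumptions, not a complete PHI scanner: free-text names,
// addresses and spelled-out dates are not caught.
type detector struct {
	label string
	re    *regexp.Regexp
}

var detectors = []detector{
	{"SSN", regexp.MustCompile(`\b\d{3}-\d{2}-\d{4}\b`)},
	{"MRN", regexp.MustCompile(`\bMRN[:#\s]*\d{6,10}\b`)},
	{"DOB", regexp.MustCompile(`\b(?:DOB[:\s]*)?\d{1,2}/\d{1,2}/\d{4}\b`)},
	{"PHONE", regexp.MustCompile(`\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b`)},
}

// Decision is what the gateway did, in the form an audit record needs.
type Decision struct {
	Action   string   // "allow", "redact" or "block"
	Findings []string // identifier classes detected, in detector order
	Prompt   string   // text actually forwarded to the model; "" when blocked
}

// Gate scans the prompt and applies the policy. Detection always runs first so
// that even an allowed prompt is recorded as having carried PHI.
func Gate(prompt string, policy Policy) Decision {
	var findings []string
	redacted := prompt
	for _, d := range detectors {
		if d.re.MatchString(redacted) {
			findings = append(findings, d.label)
			redacted = d.re.ReplaceAllString(redacted, "["+d.label+"]")
		}
	}
	if len(findings) == 0 {
		return Decision{Action: "allow", Prompt: prompt}
	}
	switch policy {
	case Block:
		return Decision{Action: "block", Findings: findings}
	case Redact:
		return Decision{Action: "redact", Findings: findings, Prompt: redacted}
	default:
		return Decision{Action: "allow", Findings: findings, Prompt: prompt}
	}
}

func main() {
	// Constructed prompt; not a real patient.
	prompt := "Summarize: patient John Doe, DOB 04/12/1961, MRN: 00123456, SSN 123-45-6789, phone 555-123-4567, presents with chest pain."
	for _, p := range []Policy{Allow, Redact, Block} {
		d := Gate(prompt, p)
		fmt.Printf("%-6s findings=%-18s forwarded=%q\n", d.Action, strings.Join(d.Findings, ","), d.Prompt)
	}
}
```

Two design choices matter here. Detection runs before the policy is consulted, so a prompt that is allowed through under the BAA is still recorded as having carried PHI, which is the evidence you need if the scope of that BAA is later questioned. And each placeholder names the identifier class it replaced, so the model can still reason about "the patient's DOB" without ever seeing it.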
Every prompt, response, and action is written to an append-only, immutable audit trail — hash-chained with Ed25519 signatures, anchored to a trusted timestamp, independently verifiable without HASP software, and retained for seven years on every paid tier. That is the kind of record HIPAA’s Audit Controls standard expects, produced automatically rather than reconstructed after the fact.
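To make concrete both what the Audit Controls discussion earlier asks for (a record that is tamper-evident, bound to a verified identity, and checkable by a third party) and the hash-chained, Ed25519-signed design just described, here is an added Go example. It is illustrative code written for this page, not HASP's implementation: the record layout, the identities, the prompts, and the choice to log a hash of the prompt rather than the prompt itself are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"time"
)

// Record is one audit entry. It stores a hash of the prompt, not the prompt, so the trail is not a second PHI store.
type Record struct {
	Seq        uint64 `json:"seq"`
	Timestamp  string `json:"ts"`          // RFC 3339 UTC; assumed to come from a trusted clock
	Actor      string `json:"actor"`       // verified identity of the submitter (SSO, not self-asserted)
	Action     string `json:"action"`      // gateway decision: allow, redact or block
	PromptHash string `json:"prompt_hash"` // SHA-256 of the prompt text
	PrevHash   string `json:"prev_hash"`   // Hash of the previous record; "" for the first
	Hash       string `json:"hash"`        // SHA-256 over the fields above
	Signature  string `json:"sig"`         // Ed25519 signature over Hash
}

// body is what Hash commits to: the record with Hash and Signature cleared, in fixed field order.
func (r Record) body() []byte {
	r.Hash, r.Signature = "", ""
	b, _ := json.Marshal(r) // cannot fail for strings and integers
	return b
}

// NewKeyPair makes the signing key. In production the private key belongs in an HSM or KMS, not beside the log.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Append returns the log with one new record chained to the last and signed. Records are never edited in place.
func Append(priv ed25519.PrivateKey, log []Record, actor, action, prompt string) []Record {
	prev := ""
	if n := len(log); n > 0 {
		prev = log[n-1].Hash
	}
	ph := sha256.Sum256([]byte(prompt))
	r := Record{Seq: uint64(len(log)), Timestamp: time.Now().UTC().Format(time.RFC3339Nano),
		Actor: actor, Action: action, PromptHash: hex.EncodeToString(ph[:]), PrevHash: prev}
	h := sha256.Sum256(r.body())
	r.Hash = hex.EncodeToString(h[:])
	r.Signature = hex.EncodeToString(ed25519.Sign(priv, h[:]))
	return append(log, r)
}

// Verify needs only the public key and an exported copy of the records, so an outside auditor can run it
// without the logging system or the signing key. It returns the index of the first bad record, or -1.
func Verify(pub ed25519.PublicKey, log []Record) int {
	prev := ""
	for i, r := range log {
		if r.Seq != uint64(i) || r.PrevHash != prev {
			return i // record deleted, inserted or reordered
		}
		h := sha256.Sum256(r.body())
		if hex.EncodeToString(h[:]) != r.Hash {
			return i // contents changed after signing
		}
		sig, err := hex.DecodeString(r.Signature)
		if err != nil || !ed25519.Verify(pub, h[:], sig) {
			return i // hash recomputed by someone without the signing key
		}
		prev = r.Hash
	}
	return -1
}

// RehashWithoutKey models an attacker with write access to the log store but no signing key.
func RehashWithoutKey(r Record) Record {
	h := sha256.Sum256(r.body())
	r.Hash = hex.EncodeToString(h[:])
	return r
}

func main() {
	pub, priv := NewKeyPair()
	var log []Record // constructed entries; identities and prompts are illustrative
	log = Append(priv, log, "dr.ortiz@clinic.example", "redact", "summarize the chart for SSN 123-45-6789")
	log = Append(priv, log, "nurse.kim@clinic.example", "allow", "draft a flu-shot reminder")
	fmt.Println("intact:", Verify(pub, log)) // -1
	edited := append([]Record(nil), log...)
	edited[0].Actor = "someone.else@clinic.example"
	fmt.Println("actor edited:", Verify(pub, edited)) // 0
	edited[0] = RehashWithoutKey(edited[0])
	fmt.Println("rehashed without key:", Verify(pub, edited)) // 0
	// Dropping the newest record leaves a valid shorter chain: chaining proves integrity
	// and order, not completeness, so the chain head must also be anchored outside the log.
	fmt.Println("tail truncated:", Verify(pub, log[:1])) // -1
}
```

Verify takes nothing but the public key and a copy of the records, which is what "independently verifiable" has to mean in practice. The last case in main is the one to notice: deleting the newest record leaves a chain that still verifies. A hash chain proves integrity and order, not completeness, so the chain head has to be committed somewhere the log operator cannot quietly rewrite, which is the job a trusted timestamp anchor does.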
That capability runs across four surfaces under one BAA. Two plans cover them: the Platform plan bundles Assistant (HIPAA-ready AI chat and document work) + Studio (AI-powered internal apps), starting at $199 / mo for Solo. The API plan bundles the Public API + Agent SDK for developers building regulated AI into their own software, starting at $249 / mo for Developer. Same BAA, same audit chain, same compliance layer across both — hold one plan or both.
So: is ChatGPT HIPAA-compliant? For the version most people are using, no — and no contract fixes the consumer app. For OpenAI’s covered products, it can be, if you do the work the BAA leaves to you. If you would rather that work came built in, see what HASP Assistant does differently — or read the complete guide to HIPAA-compliant AI for the full picture.
Sources
[1] OpenAI. “How can I get a Business Associate Agreement (BAA) with OpenAI?” OpenAI Help Center. help.openai.com
[2] OpenAI. “Introducing OpenAI for Healthcare,” January 2026. openai.com
[3] U.S. Department of Health & Human Services. “Business Associates.” HHS.gov. hhs.gov
[4] U.S. Department of Health & Human Services. “Summary of the HIPAA Security Rule.” HHS.gov. hhs.gov
[5] American Medical Association. AMA physician survey on AI in clinical practice (2024). ama-assn.org
[6] BMJ. “Generative AI in clinical practice: a survey of UK GPs” (2024). bmj.com