Canva is a visual communication platform empowering users to create designs like presentations, social graphics, and more. Based on current information, Canva is not HIPAA compliant, as it does not engage in any HIPAA-specific safeguards or BAA agreements.
No, Canva does not sign a BAA and offers no indication that it will. Therefore, it is not HIPAA compliant.
Canva does not sign BAAs and is, therefore, not HIPAA compliant.
See also: HIPAA Compliant Email: The Definitive Guide (2025 Update)
A legally binding contract between a HIPAA-covered entity and its vendor (business associate), obligating proper protection of PHI under HIPAA rules.
HIPAA sets standards to safeguard individuals' PHI and ensure secure electronic exchange of health data.
HIPAA applies to covered entities (e.g., healthcare providers, health plans, clearinghouses) and their business associates—vendors handling PHI on behalf of covered entities.