1 min read

Is Google Ads HIPAA compliant? (2026 update)

Picture of Tshedimoso Makhene Tshedimoso Makhene February 6, 2021

HIPAA compliance
Google Ads logo

Google Ads is Google’s online advertising platform for creating ads across Google Search, YouTube, partner sites, and other Google ad placements.

Is Google Ads HIPAA compliant? No, based on our research, Google Ads is not HIPAA compliant.

 

What changed this year?

As of April 2026, our review did not identify a public change showing that Google Ads is covered by a Google HIPAA business associate agreement. Google does offer HIPAA support for certain Google Cloud and Google Workspace services, but those BAAs apply only to covered services.

Google also updated its Personalized Advertising Policy in 2025 to clarify health-related targeting rules, but that policy update does not make Google Ads HIPAA compliant.

 

Will Google Ads sign a business associate agreement (BAA)?

No, Google Ads does not publicly offer a HIPAA business associate agreement for Google Ads.

Google’s public HIPAA materials focus on Google Cloud and Google Workspace covered services, not Google Ads. A BAA matters because HIPAA generally requires covered entities and business associates to enter into contracts with vendors that handle PHI.

 

Conclusion

Google Ads does not sign a BAA for Google Ads and is therefore not HIPAA compliant for campaigns that involve PHI.

Learn more: HIPAA Compliant Email: The Definitive Guide

 

FAQs

What is a business associate agreement?

A business associate agreement is a legally binding contract establishing a relationship between a covered entity under HIPAA and its business associates. The purpose of this agreement is to ensure the proper protection of personal health information as required by HIPAA regulations.

 

What is HIPAA?

The Health Insurance Portability and Accountability Act sets national standards for protecting the privacy and security of certain health information, known as protected health information.

HIPAA is designed to protect the privacy and security of individuals’ health information and to ensure that healthcare providers and insurers can securely exchange electronic health information. Violations of HIPAA can result in significant fines and penalties for covered entities.

 

Who does HIPAA apply to?

HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.

Secure every email you send and receive HIPAA compliant. Threat-proof. Hassle-free.
Google logo

How do I sign a business associate agreement with Google?

Picture of Hoala Greevy Hoala Greevy : February 13, 2023

Last week we wrote about Google Workspace and how it compares to Paubox for its ability to provide HIPAA compliant email.

HIPAA compliance
Read More
Person holding a smartphone displaying Gmail logo at a desk with keyboard

Google Workspace is not HIPAA compliant on its own

Picture of Lilly Ohno Lilly Ohno : March 20, 2025

Many healthcare organizations rely on Google Workspace to run their business and communicate with patients. While Google signs a business associates...

HIPAA compliant email HIPAA compliance
Read More
Two people smiling at an indoor event

Is Google Sheets HIPAA compliant?

Picture of Hoala Greevy Hoala Greevy : November 15, 2017

We often get asked by customers and prospects about Google Sheets and their ability to use it in a HIPAA compliant manner. We know the HIPAA market...

HIPAA compliance
Read More

Subscribe to Paubox Weekly

Every Friday we bring you the most important news from Paubox. Our aim is to make you smarter, faster.