Is Google Ads HIPAA compliant? (2026 update)

Google Ads is Google’s online advertising platform for creating ads across Google Search, YouTube, partner sites, and other Google ad placements.

Is Google Ads HIPAA compliant? No, based on our research, Google Ads is not HIPAA compliant.

What changed this year?

As of April 2026, our review did not identify a public change showing that Google Ads is covered by a Google HIPAA business associate agreement. Google does offer HIPAA support for certain Google Cloud and Google Workspace services, but those BAAs apply only to covered services.

Google also updated its Personalized Advertising Policy in 2025 to clarify health-related targeting rules, but that policy update does not make Google Ads HIPAA compliant.

Will Google Ads sign a business associate agreement (BAA)?

No, Google Ads does not publicly offer a HIPAA business associate agreement for Google Ads.

Google’s public HIPAA materials focus on Google Cloud and Google Workspace covered services, not Google Ads. A BAA matters because HIPAA generally requires covered entities and business associates to enter into contracts with vendors that handle PHI.

Conclusion

Google Ads does not sign a BAA for Google Ads and is therefore not HIPAA compliant for campaigns that involve PHI.

Learn more: HIPAA Compliant Email: The Definitive Guide

FAQs

What is a business associate agreement?

A business associate agreement is a legally binding contract establishing a relationship between a covered entity under HIPAA and its business associates. The purpose of this agreement is to ensure the proper protection of personal health information as required by HIPAA regulations.

What is HIPAA?

The Health Insurance Portability and Accountability Act sets national standards for protecting the privacy and security of certain health information, known as protected health information.

HIPAA is designed to protect the privacy and security of individuals’ health information and to ensure that healthcare providers and insurers can securely exchange electronic health information. Violations of HIPAA can result in significant fines and penalties for covered entities.

Who does HIPAA apply to?

HIPAA applies to covered entities, which include healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.