Raycast is a productivity application launcher for macOS (now in public beta for Windows), providing streamlined access to apps, files, snippets, clipboard history, AI features, and more across a highly extensible platform.
Is Raycast HIPAA compliant? No, based on our research, Raycast is not HIPAA compliant. The company does not sign a business associate agreement (BAA) and focuses its privacy/security efforts on data protection standards like GDPR, CCPA, and local data encryption, not on HIPAA.
No, Raycast will not sign a BAA. Their documentation focuses on general data protection frameworks (e.g., GDPR, CCPA) via a Data Processing Addendum (DPA); there is no mention of HIPAA or BAAs in their Terms of Service or DPA.
Raycast does not sign a BAA and is therefore not HIPAA compliant.
A BAA is a legally binding contract between a HIPAA-covered entity and a business associate that handles PHI, ensuring proper safeguards and compliance in accordance with HIPAA privacy and security regulations.
HIPAA sets national standards for protecting the privacy and security of PHI. Covered entities and their business associates must ensure PHI is properly safeguarded.
HIPAA applies to covered entities (healthcare providers, health plans, healthcare clearinghouses) and to their business associates: vendors or service providers that create, receive, transmit, or maintain PHI on behalf of the covered entity.