# HIPAA Compliance

> Bytebase is HIPAA-compliant — independent verification that our administrative, physical, and technical safeguards meet the HIPAA Security Rule for handling Protected Health Information.

Tianzhou | 2026-04-29 | Source: https://www.bytebase.com/blog/hipaa/

---

> Bytebase is [SOC 2 Type 2](/blog/soc2-type2) certified. Now also HIPAA-compliant.

HIPAA verifies that our administrative, physical, and technical safeguards meet the Security Rule's requirements for handling Protected Health Information (PHI). Healthcare and life-sciences customers can sign a Business Associate Agreement (BAA) with Bytebase before connecting databases that hold PHI.

The audit was performed by [Sensiba](https://sensiba.com/), an independent third-party auditor.

For the BAA, the attestation report, or details on specific controls, [email us](mailto:sales@bytebase.com).