Is Google Cloud HIPAA Compliant?

Google Cloud Platform (GCP) is a suite of cloud services that includes virtual machines (VMs) management, data object storage, cloud databases, machine learning and analysis tools and more.

Your HIPAA Gameplan. Download The Free HIPAA Compliance Plan   Download Guide

Certain GCP services in the Google ecosystem can be used in a HIPAA compliant manner. Google is willing to sign a Business Associates Agreement (BAA) for a select list of cloud services. This BAA designates specific physical safeguards handled by Google. It is your organization’s responsibility to implement all necessary technical and administrative safeguards. 

Google Cloud platform provides HIPAA compliant services under a “Shared Responsibility” model. Learn more about the compliance requirements shared between your organization and your cloud provider.

HIPAA Compliance with Google Cloud


Google Cloud Platform (GCP) provides a variety of offerings for creating backend services and deploying applications. Google’s core services can be configured to be HIPAA compliant. GCP offers the flexibility to launch, manage, and scale virtual machines (VMs), cloud storage, managed databases and other services. Dash allows your organization to create and maintain a HIPAA compliant environment through the Google Cloud Platform, with one simple process:

  • Deploy Dash to your Google Cloud environment
  • Dash’s automated service sets up and optimizes your cloud services
  • Monitor and manage the compliance process through our dashboard


    • Tour Dash Compliance Automation
    HIPAA Compliance with Google Cloud