
Jordan Vance


Your HIPAA BAA probably doesn't cover the AI feature: 6 carve-outs for 2026

Most HIPAA AI advice stops at one question: does the vendor sign a Business Associate Agreement? If yes, green light. If no, red light.

That binary misses the trap that actually catches teams in 2026. Your vendor signs a BAA. You are on the qualifying enterprise plan. The base product is genuinely covered. And the generative-AI feature bolted onto it is specifically excluded from that same BAA. You did everything right and the AI layer is still off-limits for PHI.

I maintain BAA Atlas, a free directory that tracks BAA and PHI eligibility across the AI tools and SaaS vendors that developers and ops teams actually run. (Affiliation up front: it is my project, and the links below point to it.) Going vendor by vendor through the published terms, I see this carve-out pattern show up again and again. Here are six concrete ones, each pulled from the vendor's own documentation and verified 1 June 2026.

Why a platform BAA does not extend to the AI feature

A BAA covers named services, not a brand. AWS, Google and Microsoft each publish an explicit list of which services fall under the BAA. A new AI product ships, the marketing says "enterprise-grade," and it is simply not on that list yet, or ever. The covered-services list is the contract. The homepage is not.

So "we have a BAA with Google" is not the same as "we can put PHI into every Google product." It means PHI is allowed in the specific services Google enumerates. The AI HIPAA overview I keep here tracks which AI tools clear that bar and which do not.

The six carve-outs

1. GitHub Copilot sits outside Microsoft's BAA.
Microsoft signs broad HIPAA BAAs and GitHub is a Microsoft company, so teams assume Copilot inherits the coverage. It does not. GitHub Copilot is not enumerated among the BAA-covered services, even on enterprise GitHub plans. Keep PHI out of it, and remember PHI can hide in code, test fixtures and prompts, not just patient records.

2. Notion AI is carved out of the Notion Enterprise BAA.
Notion will sign a BAA, but only on the Enterprise plan (100+ members), and the Notion AI add-on is explicitly excluded from that BAA. So even after you sign, Notion AI is the one feature you cannot point at PHI. Notion's entry on the atlas has the plan detail and the source link.

3. Zoom AI Companion is excluded from the standard Zoom BAA.
Zoom signs a BAA for Meetings, Phone and Team Chat on eligible plans. AI Companion's generative features (meeting notes, summaries, transcription, the chatbot) are not part of standard BAA coverage, and Zoom auto-restricts them when a BAA is active. If you need the summary feature on PHI calls, that has to be named in writing, not assumed. The detail is on the Zoom AI Companion page, and the underlying Zoom BAA scope is on the Zoom vendor page.

4. Amazon Q Developer is not a HIPAA-eligible AWS service.
This one is sharp because AWS is the textbook BAA vendor. One AWS BAA covers a long list of eligible services. Amazon Q Developer is not on that list (Amazon Q Business is), and AWS states Q Developer is not designed to transmit, store or process ePHI. So an executed AWS BAA does not cover it. Its atlas page links straight to the AWS eligible-services reference.

5. Google NotebookLM is not in the Workspace HIPAA Included Functionality list.
Google Workspace publishes a "HIPAA Included Functionality" list, and that list is the BAA's scope. NotebookLM is absent from it, so it is not covered by the Workspace BAA. The free consumer app is out of scope too.

6. Adobe Firefly is not a HIPAA-Ready Service.
Adobe acts as a Business Associate only for its designated HIPAA-Ready Services, such as Acrobat Sign Enterprise and select Document and Experience Cloud capabilities. Firefly, the creative generative-AI app, is not on that list, so there is no Firefly BAA to sign.

The pattern, and how to check before you ship

Across these six the rule is identical: the BAA binds to a published list of covered or "ready" services, and the generative-AI feature is frequently left off that list even when the parent platform is fully covered. The newer the AI feature, the more likely it is sitting outside the contract.

Three checks before you let PHI near a vendor's AI feature:

  1. Find the vendor's covered-services or HIPAA-eligible-services list. AWS, Google and Microsoft each publish one. If the AI feature is not named, it is not covered.
  2. Read the AI add-on terms separately from the platform BAA. Notion and Zoom both carve the AI layer out in their own docs.
  3. Get the AI feature named in your BAA in writing if you genuinely need it on PHI. "It is part of the suite" is not coverage.

The "do they sign a BAA" question is the wrong unit. The question that decides it is "is this specific feature inside the BAA's named scope." For the AI features above, today, the answer is no.

I keep the per-tool verdicts and source links current on BAA Atlas, starting from the AI HIPAA overview. When a vendor changes its covered-services list, that is where it gets updated.
