How to Find HIPAA/GDPR-Compliant GPUs on Runpod and Understand BAA Policy

Overview

Runpod supports HIPAA/GDPR-compliant infrastructure options for both Serverless and Pods.

Customers can use built-in filtering tools to find GPUs that are eligible for compliance-focused workloads, depending on the service they are using. This article explains how to locate those GPUs and outlines Runpod’s policy for signing a Business Associate Agreement (BAA), Data Processing Agreement (DPA), or other custom legal agreements.

How to Find HIPAA/GDPR-Compliant GPUs on Runpod

Runpod makes it easy to search for compliant GPUs across both supported deployment models:

• Serverless
• Pods

The steps are slightly different for each service.

Find Compliant GPUs for Serverless

When creating a Serverless endpoint, you can filter available GPUs by compliance policy.

Steps

1. Log in to your Runpod account.
2. Create a new Serverless endpoint, or open an existing endpoint configuration.
3. Go to Endpoint Configurations.
4. Scroll down to Advanced settings.
5. Navigate to Security & compliance.
6. Select the policy you want to use.
7. Runpod will automatically filter the available GPUs and show only the eligible options for that compliance requirement.
8. Choose the GPU that fits your workload and continue setting up the endpoint.

Navigation path

Endpoint Configurations → Advanced → Security & compliance

You can select multiple options and check GPU availability -

Find Compliant GPUs for Pods

When deploying a Pod, you can apply a compliance filter directly from the deployment page.

Steps

1. Log in to your Runpod account.
2. Go to the Deploy Pod page.
3. Open Additional filters.
4. Select Security & compliance.
5. Choose the compliance certification or policy you want to use.
6. Runpod will show only the GPUs that are applicable for that selection.
7. Choose your GPU and proceed with pod deployment.

Navigation path

Deploy Pod page → Additional filters → Security & compliance

Do You Need a BAA with Runpod?

If your organization needs Runpod to sign a BAA, DPA, or another custom legal agreement, there are specific eligibility requirements to keep in mind.

Runpod policy for custom agreements:

Execution of custom legal agreements, including:

• BAAs
• DPAs
• bespoke or custom contract terms

is reserved for customers with a committed monthly spend of $3,000 or more.

This threshold reflects the legal and executive resources required to support negotiation, custom risk allocation, and ongoing agreement management.

If your projected usage is $3,000/month or more

If your expected monthly spend meets or exceeds this threshold, Runpod would be happy to explore a formal agreement with you.

To help the team route your request properly, be prepared to share:

• your projected monthly spend
• your intended use case
• whether you require a BAA, DPA, or both
• your expected deployment timeline

If your projected usage is below $3,000/month

If you are not yet at that threshold, the fastest way to get started is under Runpod’s standard terms.

Runpod maintains a robust compliance program, and the resources below may address your requirements without the need for a separately negotiated agreement.

Helpful Compliance and Legal Resources

Customers can review the following resources for more information about Runpod’s compliance and security posture:

• Runpod Trust Center — GDPR documentation, HIPAA compliance materials, SOC 2 Type II report, and more
• Runpod Standard DPA — published Data Processing Agreement
• Runpod Compliance Overview
• Runpod Security Overview

For consistency in your help center, these can be added as linked resource titles.

Frequently Asked Questions

Does Runpod support compliant GPU selection for both Serverless and Pods?

Yes. Runpod supports HIPAA/GDPR-compliant infrastructure options for both Serverless and Pods, and each service includes a Security & compliance filter to help narrow the eligible GPUs.

Will Runpod automatically filter the GPU list?

Yes. After you select the relevant compliance policy or certification, Runpod filters the list to show only the GPUs applicable to that requirement.

Do all customers need a BAA?

Not always. Whether a BAA is required depends on your organization’s legal and compliance obligations.

Can Runpod sign a BAA or custom DPA?

Yes, but execution of custom legal agreements is reserved for customers with a committed monthly spend of $3,000 or more.

What should I do if I am below the spend threshold?

You can get started under Runpod’s standard terms and review the published compliance and legal resources listed above.

If your organization requires a BAA, DPA, or other custom legal agreement, please note that execution of custom agreements is reserved for customers with a committed monthly spend of $3,000 or more. If you are eligible, please reach the Account Management team by visiting the Talk to Sales button on the bottom-right side of the Runpod dashboard.

For support, click Help and Resources → Support in the Runpod dashboard. Our teams are here to assist you further.