Sunday, May 10, 2026
Adaptive Perspectives, 7-day Insights
Healthcare IT

Claude Code, Codex, Gemini CLI: BAA Coverage for Healthcare

Two of the three frontier-model coding CLIs are explicitly carved out of their vendor's HIPAA BAA, even when bundled into Enterprise seats. Here's what's actually buyable for healthcare today, what it costs at twenty-five seats, and why an individual Max plan plus AWS Bedrock might out-economize all three Enterprise tiers.

A note before I start: though the story below comes from my work, I’m writing on my own behalf. I’m not a spokesperson for any organization, and which enterprise platform my employer adopts — if any — is a decision that belongs to senior leadership, not just to me.

A clinician at an AI committee asked a question in mid-February that I’ve spent the three months since trying to answer: which of the major AI vendors will sign a HIPAA Business Associate Agreement for a small Enterprise plan? Whether he specifically asked for a command-line interface (CLI) option or not, in my mind, it was the most valuable part of any potential enterprise plan.

I use Claude Code every day, and I’ve worked with both OpenAI’s Codex CLI and Google’s Gemini CLI. A CLI lets a model read and edit files in your local filesystem, run shell commands, and execute code on the machine you are sitting at, all under your control. The gap between that and a browser-based ChatGPT is at least an order of magnitude. Without it, AI is roughly the way I think of Microsoft Copilot — pleasant, never essential. With it, AI is the most productive tool on my desk, by far. So my version of the question grew a second requirement: a CLI coding tool covered under that BAA.

In any other industry, the answers are mostly straightforward. In healthcare, you have to read each vendor’s published BAA scope document line by line, because two of the three answers are no — and the no is not in the contract you sign, it’s in the help-center article the contract points to.

The two carve-outs you can read in the vendor’s own docs

Ask Anthropic for a Claude Enterprise plan with a HIPAA BAA and you eventually land on the help-center article titled “HIPAA-Ready Enterprise Plans.” Halfway through, in plain language:

Claude Code bundled seats are not currently covered as part of the HIPAA-ready offering. If you purchase Enterprise seats that include Claude Code access, only the chat functionality is covered. Claude Code usage is not covered, even when purchased as part of a bundled seat.

The Enterprise tier is required to get a BAA at all, but the CLI inside it is excluded from the BAA’s scope. The chat surface is covered. The CLI is not.

OpenAI publishes the same shape of carve-out for Codex. Their “ChatGPT Regulated Workspace” PDF lists the in-scope features, then a separate “Non-Included Functionality” section with this controlling caveat:

This access is intended only for uses that do not involve transmission, storage, or processing of PHI.

The first item on the Non-Included list is Codex. The carve-out has been there since the Regulated Workspace was announced in January.

The third vendor is the surprise. Google’s Gemini CLI documentation puts the CLI inside the Code Assist Standard and Enterprise data-protection regime by an explicit cross-reference, and Gemini Code Assist is on Google Cloud’s HIPAA Covered Products list. One caveat: agent mode is Preview-only and not BAA-eligible until it goes GA. Standalone CLI is GA today.

AWS Bedrock is the back door

For the two direct vendor paths that exclude their CLI tools from the BAA, there is an indirect path. Amazon Bedrock is on the AWS HIPAA-eligible services list with no per-feature carve-outs. The AWS Business Associate Addendum is self-service through AWS Artifact, costs nothing additional, and is signed by clicking through after a short legal-entity confirmation. I’ve executed it for a single corporate AWS account in well under fifteen minutes.

Anthropic has been on Bedrock for years. OpenAI joined April 28 — frontier models plus Codex CLI and the desktop app, all in Limited Preview. For Claude Code on Bedrock today, the setup is a four-step wizard inside the claude command; team deployment is well under an hour for anyone with AWS familiarity. Bedrock’s standard endpoint does not relay Anthropic’s server-hosted web search or web fetch, but client-side tools, the model, the 1M-token context window, and prompt caching all work normally.

Google’s Gemini CLI is the one direct path, and Google does not make procurement easy

You would think procurement for the one vendor whose CLI is in-writing covered would be straightforward. It is not. The Gemini Enterprise sales motion routes through Google Cloud and a partner channel, and the partner wants to put a multi-week implementation Statement of Work in front of you before you can buy seat licenses.

The SOW is a fixed-price professional-services engagement covering a defined pilot user community, custom connectors to whichever systems you already run, and a project management cadence. The fixed price is meaningful — tens of thousands of dollars in one example — but is fully offset by Google funding at project completion. Net cost on the implementation is zero. After the pilot, you pick up the seat licenses (around $35 per seat per month, unlimited usage at flat rate) plus Google Cloud consumption inside your tenant.

Google’s product-and-BAA fit is the cleanest of the three vendors, but expect to invest meeting time before you get a number.

What it costs, per seat and per year

Twenty-five seats is the comparison point — a defensible early-rollout number, and the floor where OpenAI’s default fifty-seat minimum will negotiate down for SMBs.

| Vendor | Per-seat / month | Min seats | Annual at 25 seats | CLI BAA-covered? |
| --- | --- | --- | --- | --- |
| OpenAI ChatGPT Enterprise for Healthcare | $33 | 50 (25 by SMB exception) | $9,900 | No (Codex carved out) |
| Anthropic Claude Enterprise | $20 base + API-rate usage | 20 | $4,800 base + variable usage | No (Claude Code carved out) |
| Google Gemini Enterprise | ~$35 (list) | None | ~$10,500 (unlimited usage) | Yes |

The Anthropic line: $20 per seat is a base fee, not all-in. Usage is metered separately at API rates, and for heavy daily Claude Code use the meter dwarfs the base. Bedrock is not in the table because it is pay-per-token at the same API rates Anthropic charges directly — no seat minimums, no annual commit, available to a single account on day one.

The Claude Max 20x line item that complicates everything

There is a personal-tier subscription that should not, in theory, belong in a procurement comparison: Anthropic’s Claude Max 20x plan, two hundred dollars per month per user, flat rate. I’ve been on it since last summer. Anthropic recently began showing Max subscribers what their sessions would have cost on the meter at public API rates — a transparency move you can read either as helpful or as foreshadowing of a future pricing model. The Claude Code session in which I am writing this post has accumulated a meter reading of $72.45 across a few hours of editing, research, and the back-and-forth involved in five blog posts. That is one session on one person’s laptop. Annualized for a heavy user, that is $1,500 to $1,800 per month against a $200 flat rate.

Max is not BAA-eligible. There is no Max-tier path to a BAA, and no Enterprise-tier path to BAA-covered Claude Code.

But Max can be the answer for non-PHI work. Most of what an IT team in a small healthcare organization does on a CLI — PowerShell scripts, Python debugging, deployment job refactors, blog drafts — is not PHI work. The clinical-data workflows that genuinely require BAA scope are a smaller share, even on the IT team.

The split-stack recommendation: Max for non-PHI, Bedrock for PHI

The path that ends up making sense for our situation may be two channels in parallel, not one Enterprise contract.

For non-PHI work — most of what the technical staff does day to day — Claude Max 20x at $200 per month is the best deal available, by a wide margin, as long as Anthropic offers flat-rate consumer pricing. For PHI work — clinical workflow tools, anything that pulls from the EMR, anything where a developer might paste a clinical sentence into a prompt — the answer is AWS Bedrock under the existing AWS BAA, with Claude Code configured to use Bedrock as the model provider. For the broader user community, our existing Microsoft Copilot deployment under our Microsoft 365 BAA covers most of the chat-surface need.
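
One way to keep the two channels from crossing, as an added example that is not from the original post: a shell guard that lets a PHI session start only when Claude Code is routed to Bedrock in the AWS account that holds the BAA. `PHI_AWS_ACCOUNT`, `APPROVED_REGIONS` and the `claude_phi` wrapper are hypothetical names; `CLAUDE_CODE_USE_BEDROCK` and `AWS_REGION` are the environment variables Claude Code reads for Bedrock.

```shell
#!/bin/sh
# Added example (not from the original post): a guard to run before any
# Claude Code session that may touch PHI. It passes only when the shell is
# routed to Amazon Bedrock in the AWS account that holds the signed BAA.
# PHI_AWS_ACCOUNT and APPROVED_REGIONS are hypothetical local policy values.

APPROVED_REGIONS="${APPROVED_REGIONS:-us-east-1 us-west-2}"

# Account ID behind the active AWS credentials (needs the AWS CLI).
current_account() {
    aws sts get-caller-identity --query Account --output text
}

phi_preflight() {
    rc=0
    # CLAUDE_CODE_USE_BEDROCK=1 is Claude Code's switch for the Bedrock provider.
    if [ "${CLAUDE_CODE_USE_BEDROCK:-}" != "1" ]; then
        echo "FAIL: CLAUDE_CODE_USE_BEDROCK is not 1" >&2; rc=1
    fi
    # Local policy (assumption): a PHI shell carries no direct Anthropic API key.
    if [ -n "${ANTHROPIC_API_KEY:-}" ]; then
        echo "FAIL: ANTHROPIC_API_KEY is set in this shell" >&2; rc=1
    fi
    # The region must be one the organization has approved for PHI workloads.
    case " $APPROVED_REGIONS " in
        *" ${AWS_REGION:-unset} "*) ;;
        *) echo "FAIL: AWS_REGION '${AWS_REGION:-unset}' not approved" >&2; rc=1 ;;
    esac
    # The post's BAA was executed for one AWS account; credentials must resolve to it.
    acct=$(current_account 2>/dev/null) || acct=""
    if [ -z "${PHI_AWS_ACCOUNT:-}" ] || [ "$acct" != "$PHI_AWS_ACCOUNT" ]; then
        echo "FAIL: credentials resolve to '${acct:-none}', not the BAA account" >&2; rc=1
    fi
    return "$rc"
}

# Wrapper: start Claude Code only if every check passes.
claude_phi() {
    phi_preflight || return 1
    claude "$@"
}
```

Source the file from the shell profile used for clinical-data work and start sessions with `claude_phi` instead of `claude`; every failed check is reported on stderr before the wrapper returns.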

If you are not in healthcare, the first half still applies — Max 20x is the best deal in CLI AI coding right now for any individual professional, regardless of industry. The second half — the BAA constraint that pushes you to Bedrock — is healthcare-specific.

The committee question in mid-February was about a small Enterprise plan with a BAA, whether I added the CLI requirement or it was implied. In its original framing, the question is structurally unanswerable from any single vendor today for two of the three options, and procurement-friction-bound for the third. The answer that does work — Max for non-PHI, Bedrock for PHI, direct Enterprise for the chat surface — was not on the original list of options. It is an option worth considering.

Sources