----------------------------- **While I generate an answer, here are some sources that might be helpful**: * [Delete Assistant]() * [Create Assistant]() * [HIPAA Compliance]() * [List Assistants]() -----------------------------

### Answer The duration for which recordings are kept in Vapi is not explicitly mentioned in the available documentation. Typically, recordings and their retention policies would depend on the specific configurations and privacy settings you've applied within your Vapi environment, such as enabling HIPAA compliance, which affects data storage practices [(1)]() . Regarding the security concerns of hosting recordings without strict authentication, your point about the improbability of guessing a GUID (Globally Unique Identifier) is valid. This method does add a layer of security through obscurity, but it’s always wise to implement additional access controls if sensitive data is involved. If you need to delete a recording, while the documentation doesn't provide a direct method for deleting individual recordings, recordings are generally tied to the lifecycle of calls or sessions. Managing recordings can usually be integrated as part of your overall data handling strategy within the Vapi platform settings or by using server-side logic to handle data retention according to your policies. For any specific functionalities or further details on managing recordings securely within Vapi, reviewing the detailed API references and guides would be beneficial [(2)]() [(3)]() [(1)]() .

Got it. Tagging @User for additional help.