Hello, does the HIPAA compliance subscription include the LLM and transcriber models, or will we need separate BAA's through them and hook them up independently?

Based on the information I have, Vapi's HIPAA compliance subscription ensures that Vapi itself doesn't store any customer data, call logs, recordings, or transcriptions. However, I couldn't find a definitive answer about whether this covers the LLM and transcriber models. What I did find is that Vapi recommends checking directly with the service providers like OpenAI (for LLMs), 11labs (for TTS), and Deepgram (for STT) regarding their HIPAA compliance status. This suggests you might need separate arrangements with these providers. To help you better, could you share which specific LLM provider (like OpenAI, Anthropic, etc.) and which transcription service (Deepgram, Gladia, etc.) you're planning to use with Vapi? This would help me provide more targeted information about their HIPAA compliance options. Sources: - [Discord Thread about HIPAA and Service Providers](https://discord.com/channels/1211482211119796234/1211483291191083018/threads/1340678434703282207) - [Discord Thread about HIPAA Compliance and Data Storage](https://discord.com/channels/1211482211119796234/1211483291191083018/threads/1332423973715316868) - [Discord Thread about HIPAA Configuration](https://discord.com/channels/1211482211119796234/1211483291191083018/threads/1342138198230302870)

Hey Bryan, the HIPAA subscription or HIPAA compliance is for VAPI agreement only, not for the other service providers. So you need to sign out a separate BAA with them.