What's the difference between HIPAA compliance on the ADD-ON page and HIPAA compliance on the assistant's privacy settings? I see that on the add on page it's +$1000 but I can still enable it for the assistant in the privacy section. What's the difference?

Great question! I couldn't find enough info in the docs to give you a clear answer on the difference between enabling HIPAA compliance via the ADD-ON page (with the $1000 charge) and enabling it in the assistant's privacy settings, so I'm escalating this to a human on our team to get you a definitive answer. For reference, enabling HIPAA compliance in Vapi disables call logs, recordings, and transcriptions to help you meet privacy requirements, and you can toggle it at the org or assistant level ([see details here](https://docs.vapi.ai/security-and-privacy/hipaa)). But the docs don't explain the pricing or the difference between the two enablement methods. We'll get back to you as soon as we have more info!

HIPAA compliance on the Add-On page enables account-wide protections, while the assistant’s privacy setting applies HIPAA safeguards only to that specific assistant..

Thanks for the answer. What extra security does the extra $1k bring? Isn't it the same if I just enable it on all my assistants?

The $1K HIPAA add-on provides account-wide compliance, enterprise support, SLAs, and auditing, features not included when enabling HIPAA individually per assistant..

When you enable enterprise wide HIPAA compliance, can you store call recordings and transcripts in vapi?

With HIPAA compliance enabled in Vapi, call recordings and transcripts are not stored, only a summary report is generated.