HIPPA Compliance/BAA | Meeting Request Vapi AI #support

HIPPA Compliance/BAA | Meeting Request

A J

06/23/2025, 9:21 PM

I'd like to have a meeting with a member of the Vapi team to understand what your HIPPA compliant package includes, before going ahead and purchasing it. Who can I contact regarding this?

Kings_big💫

06/24/2025, 7:49 AM

Vapi’s HIPAA-compliant plan disables all data storage no transcripts, logs, or recordings, uses certified providers for in-memory processing, blocks PHI outside the /call endpoint, and ensures no data is used for model training, activated via "hipaaEnabled": true in the assistant config.. https://docs.vapi.ai/security-and-privacy/hipaa

A J

06/25/2025, 5:41 AM

does this mean the the model, voice and transcriber are all HIPPA compliant? Will there be any other configuration needed on our end for compliance? And can we get a copy of the BAA before signing?

A J

06/25/2025, 5:41 AM

we were going to set up a custom llm to help fix this instead

A J

06/25/2025, 5:42 AM

and are we still able to configure storage for our own recordings/transcripts

Kyle

06/25/2025, 11:57 PM

You can go through our security portal and read the necessary documents, which you can access through , and it will answer all your questions. Also, once you request the document, just email back with the email address and the company name through which you registered. I will approve the request for it.

Kyle

06/25/2025, 11:57 PM

Yes, if you purchase HIPAA compliance on the billing page ($1000/month), you can still have call recordings and VAPI can store them in a HIPAA-compliant manner. However, there are specific requirements to ensure HIPAA compliance for your recordings: 1\. **Cloud Storage Requirements**: - You must provide your own HIPAA-compliant cloud storage credentials - VAPI supports several providers for HIPAA-compliant storage: - Amazon S3 - Google Cloud Storage (GCP) - Others 2\. **Configuration Steps**: 1\. Purchase the HIPAA compliance add-on in your subscription billing page ($1000/month) 2\. Set up one of the supported cloud storage providers (S3, GCP, Azure, etc.) 3\. Add your storage credentials on the Provider Credentials page in the Dashboard 4\. Make sure your assistant's

artifactPlan.recordingEnabled

is set to true 5\. Configure the

recordingPath

if you want to customize where recordings are stored 3\. **Important Notes**: - Without proper cloud storage credentials, recordings won't be stored when HIPAA compliance is enabled - You'll still receive an end-of-call report with call information - With HIPAA enabled, VAPI won't store the recordings in their own storage This approach ensures your call recordings are stored in your own HIPAA-compliant environment while still allowing you to benefit from VAPI's call recording functionality.

A J

06/27/2025, 9:45 PM

does this mean we need to set Vapi up via code? This does not look doable via the dashboard.

A J

06/27/2025, 9:52 PM

A conversation with the Vapi team would help make this clearer.

Kyle

07/01/2025, 6:48 AM

When you add credentials via the integrations page for a storage location (S3, Google Cloud, etc.) it will automatically store your audio recordings in your storage location. As long as Audio Recording is enabled on the assistant level (on the dashboard under 'Privacy' section) your recording will be stored there.

Previous Next