Team,
I am building an agent to address a use case in the healthcare sector. My question is: could I keep the bot-patient conversation logs and audio logs in the portal? Would it still be HIPAA-compliant?
Retell AI is fully HIPAA-compliant and ensures secure handling of Protected Health Information (PHI)(1)(2). All interactions processed through Retell AI are encrypted in transit and at rest(1)(2). The system enforces role-based access control (RBAC), multi-factor authentication, and audit logging to prevent unauthorized access(1).
Regarding storing conversation logs and audio logs in the portal while maintaining HIPAA compliance, Retell AI provides data retention controls that put you in charge of information handling(3). Additionally, Retell AI does not store sensitive patient information beyond the required timeframe, reducing compliance risks for healthcare organizations(2).
For healthcare implementations, Retell AI offers Business Associate Agreements (BAAs) under a flexible pay-as-you-go plan(1). The system enforces comprehensive safeguards including end-to-end encryption for all calls and data(3), and you maintain control over what the AI receptionist says, how it sounds, and when it transfers(3).
To ensure your specific use case remains HIPAA-compliant with conversation and audio log storage, I recommend contacting Retell AI directly at Contact Sales to discuss your data retention requirements and sign the necessary BAA(4)(5).
Could someone from the sales team or support reply here?
I understand you’d like to connect with someone from Retell AI’s team directly. Here are the best ways to reach them:
Contact Sales: Visit Contact Sales to speak with the sales team about HIPAA compliance, BAAs, and your specific healthcare use case(1).
Discord Community: Ask questions on Discord where Retell AI team members and the community can help(1).
GitHub: Visit https://github.com/RetellAI/ for technical resources and support(1).
For HIPAA-specific questions about storing conversation logs and audio in the portal, the sales team will be able to provide detailed guidance on BAA requirements and data storage options that maintain compliance(2)(3).
Hello @jawwad.memon
You can check our trust center
For compliance issues, please email us at support@retellai.com
If you’d like to not store the data on our servers, you can check this guide
Retell AI Compliance & Data Privacy Resources
For compliance information, you can visit the trust center.(1)
For compliance-related questions or issues, reach out to the support team at support@retellai.com.(2)
Data Storage Control
If you prefer not to store data on Retell AI’s servers, you can opt out of sensitive data storage.(3) This feature allows you to control how call recordings and sensitive information are handled.(3)
When you enable the opt-out option, call recordings won’t be stored on Retell’s systems, and you’ll need to store them in your own database if you want to maintain access to call logs.(3) The webhook payload structure remains the same, though some data might not be included if opt-out is enabled.(3)
Some users choose to leave opt-out disabled initially, retrieve the data via webhook, then use the update call API to remove the data from the dashboard after pulling it.(3)
HIPAA Compliance
Retell AI supports HIPAA compliance through Business Associate Agreements (BAAs).(4) You can sign a BAA at no additional cost through this link.(2)
HIPAA compliance on Retell AI includes end-to-end encryption for all calls and data, and data retention controls that put you in charge of information handling.(5)
For PHI (Protected Health Information), you can opt out of data storage after the call ends so it won’t be stored on Retell’s systems.(2) For more information about compliance controls, visit the trust center.(2)