Skip to content

HIPAA Compliance Mode

Description

Configures the platform to meet HIPAA technical safeguard requirements for handling protected health information (PHI) in voice and digital interactions. Includes automatic de-identification of recordings, audit log retention, and Business Associate Agreement (BAA) support.

Canonical use case

A US healthcare provider activates HIPAA mode so that patient call recordings are stored with additional access controls, audit logs are retained for six years, and the BAA is in place before any PHI is processed.

Open Items

  • [ ] Canon alignment — populate canon_axiom_refs or confirm no existing axiom applies
  • [ ] Dependency assessment — set dependencies_assessed: true once SA has reviewed the full chain
  • [ ] effort_estimate — replace 0 with rough engineering days (order of magnitude)
  • [ ] public_description — write the public-facing description before publishing