hello ai
Sign inStart free trial
Built by VoiceboxMD for healthcare

A HIPAA-aligned answering service, by design

Compliance isn't a badge you buy, it's how patient information is handled on every call. Here's what HIPAA actually asks of an answering service, and how Hello AI is built to meet it: a signed BAA, minimal PHI, strict access control, and a complete audit trail.

What HIPAA requires of an answering service

Four things that actually matter

A Business Associate Agreement

Any vendor that touches PHI on your behalf must sign a BAA. It's the legal backbone of a compliant relationship: no BAA, no compliant deployment.

Minimum necessary PHI

You should collect only the information needed for the task. Hello AI asks for a name, callback number, and brief reason, not a medical history.

Access controls

PHI must be limited to authorized people. Hello AI isolates every practice's data with row-level security so only your team sees your calls.

Auditability

You should be able to show who accessed or handled information, and when. Hello AI logs calls and every after-hours escalation attempt with timestamps.

How Hello AI is built for it

Privacy by design, not as an afterthought

Hello AI was built by VoiceboxMD specifically for healthcare-adjacent businesses. It never gives medical advice, never solicits clinical detail, and keeps conversations to scheduling and general information. After hours, urgent matters are escalated to your on-call provider with only the callback essentials. The sensitive conversation happens directly between your provider and the patient, not through the AI. See how that flow works in after-hours answering.

A note on honesty: HIPAA compliance depends on your full environment and a signed BAA. It isn't something any product can grant on its own. Hello AI provides the aligned design and the agreement; talk to us about a deployment that fits your practice before handling live patient calls.

FAQ

HIPAA & patient data, answered

Is an AI answering service HIPAA compliant?+

HIPAA compliance is about how protected health information (PHI) is handled, not whether a human or software answers the phone. An AI answering service can be HIPAA-aligned when there's a signed Business Associate Agreement (BAA), PHI is minimized and access-controlled, and there's an audit trail. Hello AI is designed around those principles and offers a BAA for eligible healthcare deployments.

Do you sign a BAA?+

Yes, a Business Associate Agreement is available for eligible healthcare plans. Because Hello AI may handle limited PHI (a caller's name, number, and reason for calling), a BAA is the foundation of a compliant deployment. Contact us to put one in place before you go live.

How does Hello AI minimize PHI?+

Hello AI only collects what's needed to route a call, typically a name, callback number, and a brief reason. It never solicits detailed medical history, and it never gives medical advice. After-hours urgent alerts to your on-call team are kept to the callback essentials rather than clinical detail, so sensitive information stays in your systems.

Who can see the call information?+

Access is scoped to your practice. Dashboard data (requests, call logs, and escalation records) is isolated per tenant with row-level security, so only your authorized team members can view your calls. Every urgent after-hours escalation is logged with timestamps for accountability.

Does Hello AI give medical advice?+

Never. Hello AI is strictly a scheduling and information assistant. It answers only from your approved content, deflects emergencies to 911, and lets patients self-select urgency without any clinical assessment. Anything requiring judgment is transferred or escalated to your staff.

Talk to us about a compliant deployment

Start a free trial to explore, and request a BAA before you take live patient calls.