Built for practices that handle patient data.
DeskVoice is designed around HIPAA obligations. A Business Associate Agreement is available, data is encrypted in transit and at rest, and practice data is never used to train outside models.
HIPAA and the BAA
DeskVoice acts as a Business Associate to each practice. A Business Associate Agreement is executed before any patient data is handled, and the terms of that BAA govern the data.
Encryption in place
Integration tokens and keys are encrypted with AES-256-GCM at the application layer before storage. Data in transit is forced over HTTPS with HSTS.
Where data lives
Account records, configuration, transcripts, and credentials reside in Cloudflare D1 databases hosted within North American cloud regions.
How the data is protected.
User passwords are hashed with PBKDF2-SHA256 using a minimum of 100,000 iterations and a separate per-user salt. Plain-text passwords are never stored.
Integration tokens and keys are encrypted via AES-256-GCM before being written to storage. Primary keys are held separately in isolated Cloudflare Secret managers.
All traffic is served over HTTPS and enforced with HTTP Strict Transport Security (HSTS), which prevents connections from silently downgrading.
Call recordings and transcripts run and improve each practice's own assistant. Practice data is not used to train third-party foundation models.
Kept only as long as needed.
The vendors behind the service.
A short list of infrastructure providers supports the service. Each is bound by its own data-protection commitments.
Edge hosting, encrypted cloud storage, and the D1 databases that hold account records, call logs, and tokens.
Real-time voice orchestration that powers the bilingual phone receptionist.
Speech-to-text transcription of live caller audio, streamed in real time and not retained by the provider.
Language-model inference on anonymized, text-only transcripts. Not used to train its models.
Text-to-speech voice synthesis from outbound text only — no caller audio or personal data.
Low-latency audio transport that carries the live call between the caller and the voice engine.
Inbound and outbound call routing, carrier metadata, and urgent SMS alerts.
Subscription billing. Card and bank details are handled by Stripe and are never stored by DeskVoice.
Florida is an all-party consent state for call recording. A practice using DeskVoice is responsible for providing the appropriate caller notice or consent, and DeskVoice helps configure a compliant greeting during onboarding. This page summarizes the controls in plain language; the Privacy Policy and each signed BAA are the controlling documents.