DeskVoice
Security & compliance

Built for practices that handle patient data.

DeskVoice is designed around HIPAA obligations. A Business Associate Agreement is available, data is encrypted in transit and at rest, and practice data is never used to train outside models.

HIPAA-aware BAA available | AES-256-GCM at rest | HSTS / TLS in transit | North American data residency

HIPAA and the BAA

DeskVoice acts as a Business Associate to each practice. A Business Associate Agreement is executed before any patient data is handled, and the terms of that BAA govern the data.

Encryption in place

Integration tokens and keys are encrypted with AES-256-GCM at the application layer before storage. Data in transit is forced over HTTPS with HSTS.

Where data lives

Account records, configuration, transcripts, and credentials reside in Cloudflare D1 databases hosted within North American cloud regions.

Technical safeguards

How the data is protected.

Password protection

User passwords are hashed with PBKDF2-SHA256 using a minimum of 100,000 iterations and a separate per-user salt. Plain-text passwords are never stored.
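As an added illustration (not DeskVoice's code), this Python sketch shows the scheme described above: PBKDF2-SHA256, a fresh random salt per user, and a 100,000-iteration floor, with constant-time verification. The record format `pbkdf2_sha256$<iterations>$<salt>$<hash>`, the 16-byte salt length, and the function names are assumptions made for this example.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import secrets

MIN_ITERATIONS = 100_000      # floor stated on this page
SALT_BYTES = 16               # assumed salt length
ALGORITHM = "pbkdf2_sha256"   # assumed record label


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def hash_password(password: str, iterations: int = MIN_ITERATIONS) -> str:
    """Return 'pbkdf2_sha256$<iterations>$<salt>$<hash>' using a fresh random salt."""
    if iterations < MIN_ITERATIONS:
        raise ValueError("iteration count below policy floor")
    salt = secrets.token_bytes(SALT_BYTES)  # unique per user, stored with the hash
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${_b64(salt)}${_b64(digest)}"


def verify_password(password: str, record: str) -> tuple[bool, bool]:
    """Return (password_ok, needs_rehash). Malformed records fail closed."""
    try:
        algorithm, iter_text, salt_b64, hash_b64 = record.split("$")
        iterations = int(iter_text)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(hash_b64, validate=True)
    except ValueError:  # wrong field count, bad integer, or bad base64
        return False, False
    if algorithm != ALGORITHM or iterations < 1 or not salt or not expected:
        return False, False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=len(expected)
    )
    ok = hmac.compare_digest(candidate, expected)  # constant-time comparison
    # A correct password on a record below the floor should be re-hashed at login.
    return ok, ok and iterations < MIN_ITERATIONS
```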

Application cryptography

Integration tokens and keys are encrypted via AES-256-GCM before being written to storage. Primary keys are held separately in isolated Cloudflare Secret managers.

Transport security

All traffic is served over HTTPS and enforced with HTTP Strict Transport Security (HSTS), which prevents connections from silently downgrading.

No external model training

Call recordings and transcripts run and improve each practice's own assistant. Practice data is not used to train third-party foundation models.

Data retention

Kept only as long as needed.

Call transcripts & audio recordings

90 days. Deleted by default — or a shorter window where a practice’s BAA requires it.

Customer account information

Subscription lifetime. Then removed 90 days after cancellation, permanently.

Financial records (billing history)

7 years. To meet IRS and Florida Department of Revenue requirements.

Sub-processors

The vendors behind the service.

A short list of infrastructure providers supports the service. Each is bound by its own data-protection commitments.

Cloudflare, Inc.

Edge hosting, encrypted cloud storage, and the D1 databases that hold account records, call logs, and tokens.

Vapi, Inc.

Real-time voice orchestration that powers the bilingual phone receptionist.

Deepgram, Inc.

Speech-to-text transcription of live caller audio, streamed in real time and not retained by the provider.

OpenAI, L.L.C.

Language-model inference on anonymized, text-only transcripts. Not used to train its models.

ElevenLabs, Inc.

Text-to-speech voice synthesis from outbound text only — no caller audio or personal data.

LiveKit

Low-latency audio transport that carries the live call between the caller and the voice engine.

Twilio, Inc.

Inbound and outbound call routing, carrier metadata, and urgent SMS alerts.

Stripe, Inc.

Subscription billing. Card and bank details are handled by Stripe and are never stored by DeskVoice.

Florida call-recording notice

Florida is an all-party consent state for call recording. A practice using DeskVoice is responsible for providing the appropriate caller notice or consent, and DeskVoice helps configure a compliant greeting during onboarding.

This page summarizes the controls in plain language; the Privacy Policy and each signed BAA are the controlling documents.