HIPAA Compliance

Dentara is committed to maintaining the highest standards of data privacy and security in the healthcare industry.

Business Associate Agreement (BAA)

Dentara operates as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). We provide standard Business Associate Agreements to all eligible covered entities upon subscribing to our service.

Data Security Measures

• Encryption in Transit: All voice calls, transcripts, and API requests are encrypted using industry-standard TLS 1.2 or higher.
• Encryption at Rest: All stored data, including audio recordings and patient metadata, are encrypted at rest using AES-256 encryption.
• Access Controls: Strict role-based access controls (RBAC) ensure that only authorized personnel can access infrastructure. No Dentara employee has direct access to unencrypted patient health information (PHI) unless explicitly authorized for support purposes.
• Audit Logging: Comprehensive logging is maintained for all access to systems storing or processing PHI.

Third-Party Processors

Dentara utilizes trusted, HIPAA-compliant sub-processors (such as Google Cloud and Vapi) to deliver our services. We maintain current BAAs with all sub-processors that handle PHI on our behalf.