Back to Home

HIPAA Compliance

Last updated: January 2026

CallSmile is fully HIPAA compliant. We take the security and privacy of Protected Health Information (PHI) seriously.

Business Associate Agreement

We provide a BAA to all customers, ensuring HIPAA-compliant handling of PHI.

End-to-End Encryption

All data is encrypted at rest (AES-256) and in transit (TLS 1.3).

SOC 2 Type II Certified

We maintain SOC 2 Type II certification for security and availability.

US-Based Infrastructure

All data is stored in secure US-based data centers.

Our Security Measures

  • Regular security audits and penetration testing
  • Role-based access controls
  • Comprehensive audit logging
  • Automatic session timeouts
  • Multi-factor authentication support
  • Regular employee HIPAA training

Request a BAA

To request a Business Associate Agreement or for questions about our HIPAA compliance, please contact us at hello@callsmile.ai