RevDesk’s stance
RevDesk is built on top of several third-party services. HIPAA coverage for the whole stack depends on each layer’s posture:

| Service | Role | HIPAA posture |
|---|---|---|
| Tier-1 carrier (voice, SMS, SIP trunking) | Carrier | Conduit Exception — the carrier transmits PHI but does not access message content, so no BAA is required. Security controls (encryption in transit + at rest, access controls, audit trail) still apply. |
| Number Reputation / Hiya | Analytics | Confirm per-deployment. Hiya processes calling metadata (numbers dialed, call duration, reputation scores). We treat this as non-PHI but customers with stricter policies should verify with their privacy officer before enrolling PHI-handling numbers. |
| LiveKit (real-time audio) | Media transport | BAA required — LiveKit Cloud offers HIPAA-Eligible Services but will not process PHI until a BAA is executed. Not self-serve; contact LiveKit sales. |
| Vercel (hosting) | Platform | BAA available on Enterprise. Required for the whole RevDesk stack to be HIPAA-compliant end-to-end. |
| Vercel Blob (call recordings, LOAs) | Storage | Covered under the Vercel BAA. |
| Managed Postgres | Data store | BAA required — depends on your provider (Neon, RDS, Supabase). |
| OpenAI / Anthropic (LLM) | AI agent | BAA available on Enterprise tiers. For customers without it, PHI-mention redaction is required before anything reaches the model. |
| Deepgram / AssemblyAI (STT) | Transcription | BAA available, case-by-case. |
| Stripe | Billing | BAA available; avoid putting PHI in invoice descriptions or metadata regardless. |
What the `hipaa_enabled` flag gates
A team with `hipaa_enabled: true`:
- Reputation routing never falls through to a non-BAA enterprise. If no suitable enterprise is found, enrollment is skipped and an operator is notified — we don’t silently ship PHI metadata to a path that isn’t covered.
- Recording retention defaults are tightened (90 days instead of unlimited, configurable).
- LLM routing prefers BAA-covered model providers; a fallback to non-BAA providers is blocked.
- Audit trail is enabled on every outbound mutation.
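As an added illustration (not RevDesk’s own code), here is how the three routing-related guarantees above can be expressed as policy functions: a HIPAA team never lands on a non-BAA enterprise and is skipped with an operator flag instead, LLM fallback to an uncovered provider is blocked, and retention defaults to 90 days. Type names, field names and the sample enterprises are assumptions.

```typescript
// Added illustration, not RevDesk's code: one way the hipaa_enabled flag can
// gate reputation enrollment, LLM routing and recording retention.
// All type and function names here are assumptions.

type Team = { id: string; hipaaEnabled: boolean };
type Enterprise = { name: string; baaSigned: boolean; umbrella: boolean };
type LlmProvider = { name: string; baaCovered: boolean };

type EnrollmentDecision =
  | { action: "enroll"; enterprise: Enterprise }
  | { action: "skip"; reason: string; notifyOperator: boolean };

// Pick the reputation enterprise for a team. A HIPAA team may only land on a
// BAA-covered enterprise; if none qualifies, enrollment is skipped and an
// operator is flagged rather than falling through to an uncovered path.
function resolveReputationEnterprise(team: Team, candidates: Enterprise[]): EnrollmentDecision {
  const eligible = team.hipaaEnabled ? candidates.filter((e) => e.baaSigned) : candidates;
  const pick = eligible.find((e) => e.umbrella) ?? eligible[0];
  if (!pick) {
    const reason = team.hipaaEnabled ? "no BAA-covered enterprise" : "no candidates";
    return { action: "skip", reason, notifyOperator: true };
  }
  return { action: "enroll", enterprise: pick };
}

// Prefer a BAA-covered model provider for every team; only a non-HIPAA team
// may fall back to an uncovered provider when no covered one is configured.
function selectLlmProvider(team: Team, providers: LlmProvider[]): LlmProvider | null {
  const covered = providers.find((p) => p.baaCovered);
  if (covered) return covered;
  return team.hipaaEnabled ? null : (providers[0] ?? null);
}

// Recording retention in days; null means unlimited. HIPAA teams default to
// 90 days, and an explicit per-team override is still honoured.
function retentionDays(team: Team, override?: number | null): number | null {
  if (override !== undefined) return override;
  return team.hipaaEnabled ? 90 : null;
}

// Constructed sample data: an outsourced BPO without a BAA next to the umbrella org.
const sampleEnterprises: Enterprise[] = [
  { name: "Cell Labs BPO", baaSigned: false, umbrella: false },
  { name: "Umbrella Org", baaSigned: true, umbrella: true },
];

// Resolve once with both candidates and once with only the uncovered BPO.
function demo(): string[] {
  const hipaa: Team = { id: "t-hipaa", hipaaEnabled: true };
  const full = resolveReputationEnterprise(hipaa, sampleEnterprises);
  const bpoOnly = resolveReputationEnterprise(hipaa, [sampleEnterprises[0]]);
  return [full.action === "enroll" ? full.enterprise.name : "skip", bpoOnly.action];
}
```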
How to get BAAs signed
| Provider | Process |
|---|---|
| Tier-1 carrier | No BAA needed per the carrier’s stated Conduit Exception posture. Keep a copy of their published stance on file. |
| LiveKit | Contact LiveKit sales; they send a BAA for counter-signing. Typically days, not weeks. LiveKit HIPAA page. |
| Vercel | Enterprise plan only — contact your Vercel AM for the BAA addendum. |
| OpenAI | Enterprise plan; BAA is a rider on the MSA. |
| Anthropic | Enterprise API; BAA available. |
| Your Postgres provider | Varies — check their trust center. |
When to flip the flag for Jiro-style customers
Recommended sequence:
- Sign the BAA with LiveKit (the only one of our required subprocessors that actually demands a counter-signed BAA).
- Verify Vercel + Postgres BAAs if you’re self-hosting or on a managed instance.
- Confirm carrier + Hiya — the carrier operates under the Conduit Exception; document this.
- Once the above are green, set `hipaa_enabled = true` on the umbrella org (`PATCH /v1/sub-entities/{id}` works for children; org-level flipping goes through the `/settings/admin/organizations/{id}/edit` surface).
- Test reputation routing — provision a phone under a HIPAA-enabled sub-entity and verify the target enterprise resolves correctly (should find the umbrella enterprise, never the Cell Labs BPO).
Security posture RevDesk always provides
Regardless of the HIPAA flag:
- TLS 1.3 in transit everywhere, AES-256 at rest.
- Encrypted credential storage (`REVDESK_ENCRYPTION_KEY` env var).
- Row-level access control — every API query runs through `buildOwnershipFilter`, which scopes results to the authenticated principal’s org/team visibility.
- Audit log on every mutation via tRPC middleware.
- Breach notification procedures per § 164.410.