Skip to content

HIPAA & BAA

CayesDesk HIPAA Compliance & Business Associate Agreement (BAA)

At CayesDesk, operated by Oncova Clinical Research LLC, we understand that trust is the foundation of healthcare. We do not treat HIPAA compliance as an afterthought; it is built into the core architecture of our Intelligent Patient Concierge.

Full HIPAA compliance
BAA-ready deployment
Signed before live calls
1

What is a BAA?

Under the Health Insurance Portability and Accountability Act (HIPAA), a "Covered Entity" such as your medical practice, Med Spa, or dental clinic must have a written Business Associate Agreement (BAA) with any "Business Associate" such as CayesDesk that handles Protected Health Information (PHI) on its behalf.

2

Our HIPAA Posture & Commitment to You

  • Strict PHI Safeguards: All Protected Health Information (PHI), including call transcripts, audio recordings, and SMS summaries routed to your staff, is encrypted both in transit (TLS 1.2+) and at rest (AES-256).
  • No Public AI Model Training: We utilize enterprise-tier infrastructure for our AI models. Your patients' data is strictly siloed. It is never used to train public AI models or shared with public LLM databases.
  • Minimum Necessary Rule: Our AI is programmed to collect only the minimum necessary information required to route the patient's request to your staff, such as name, phone number, and reason for visit.
  • Compliant Subprocessors: Our telecommunications and cloud infrastructure providers operate under enterprise-grade BAAs.
  • Clinical Guardrails: Our system is hardcoded with approved communication guardrails. It redirects clinical, diagnostic, or emergency inquiries to your human staff or 911, reducing clinical risk exposure for your practice.
3

Executing Your BAA

A Business Associate Agreement is legally required before we can activate your Intelligent Patient Concierge to handle live patient calls.

Once you select your plan and initiate Start Your Free 14-Day Trial, our onboarding team will automatically send our standard, legally vetted BAA via secure e-signature, such as DocuSign. Your free trial will only commence after this document is signed by an authorized representative of your practice.

If your legal or compliance team requires a copy of our standard BAA for review prior to booking a demo, please use Contact Support to request a copy.

Next step

Review CayesDesk with your team.

These pages are designed to support buyer review before a live call, pilot, or onboarding conversation.

Contact Support
Speak with Vivienne. Patient Concierge · Demo.