HIPAA Compliance

The U.S. Health Insurance Portability and Accountability Act (HIPAA) establishes national standards to protect individuals' medical records and other health information.

Privacy and confidentiality

The Act requires appropriate safeguards to protect the privacy of health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Act also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections.

HIPAA compliance means that Rev AI's ASR has all of the appropriate safeguards in place to protect the security and confidentiality of Protected Health Information (PHI) data that may persist in audio, custom vocabulary, and transcript files sent by our customers. This also opens up completely new opportunities for companies and healthcare professionals to leverage the world’s best ASR engine for their voice applications.

Learn more about Rev AI's HIPAA compliance.

Activation

In order for the Rev AI team to make sure an account and data sent to the ASR through that account is HIPAA-enabled (and thus protected), it is necessary for the account owner to sign a Business Associate Agreement (BAA) and an updated MSA with Rev AI. This BAA is an explicit agreement between both parties to ensure that each party understands the responsibilities and contingencies associated with processing data which may contain PHI.

To access the BAA, please get in touch with your Rev sales, customer success, or account manager or contact us online.

Once the BAA and updated MSA are signed:

  • Create a new Rev AI account for HIPAA-compliant orders.
  • Send the new Rev AI account information to your sales contact.
  • Rev AI will update the account to enable HIPAA-compliant processing and notify when this is complete.
  • Confirm the new account is properly HIPAA enabled by visiting https://rev.ai/account .

Once the BAA has been executed and the account has been updated, the account will be ready to process PHI.

attention

Do not send Rev AI any filenames or URLs that may contain PHI in the name. Rev AI is not liable for any PHI that may be exposed in this manner.

Learn more in the Rev AI HIPAA FAQ.

API limitations

When used in HIPAA context, Rev AI's APIs have some limitations, as described below.

Asynchronous Speech-to-Text API

  1. When submitting a media file, the media_url option is not supported. Instead, the source_config option must be used.
  2. Human transcription ( transcriber=human ) is not supported.

Learn more about the Asynchronous Speech-to-Text API.

Streaming Speech-to-Text API

  1. RTMP streams are not supported.

Learn more about the Streaming Speech-to-Text API.