Last updated: April 29, 2026

HIPAA Compliance

This page summarizes how Stardehl approaches the Health Insurance Portability and Accountability Act (“HIPAA”) when customers use our answering services in connection with protected health information (“PHI”). It is informational only and does not replace legal advice or a signed Business Associate Agreement (“BAA”).

1. When HIPAA applies

HIPAA applies to covered entities (such as many healthcare providers and health plans) and, in many cases, their business associates. If you are a covered entity or business associate and you intend for Stardehl to create, receive, maintain, or transmit PHI on your behalf, you should ensure a BAA is in place before PHI is shared through the Services.

2. Business Associate Agreement

Where we act as a business associate under HIPAA, we will enter into a BAA that describes permitted uses and disclosures of PHI, our safeguards, subcontractor requirements, and breach notification obligations. Custom and certain enterprise plans may include HIPAA-oriented workflows; confirm availability and scope with our team before going live with PHI.

3. Minimum necessary

We design onboarding and scripts with customers to collect and relay only the information needed to answer calls and deliver summaries consistent with your instructions and applicable law. You are responsible for configuring scripts and routing so that PHI is handled appropriately for your practice.

4. Safeguards

We implement administrative, physical, and technical safeguards appropriate to the nature of our Services. Details are outlined at a high level on our Security page. Specific controls may be described further in your BAA or order form.

5. Subcontractors

We may use subprocessors (for example cloud hosting or telecom providers) that support the Services. Where required by HIPAA, we flow down appropriate obligations to subprocessors and maintain an inventory available upon request for customers with an active BAA.

6. Breach notification

If we discover a breach of unsecured PHI under our control as described in HIPAA, we will notify you without unreasonable delay as required by law and your BAA so that you may fulfill any obligations to individuals or regulators.

7. Contact

For HIPAA-related inquiries or to request a BAA template: hello@stardehl.com