โ† Back to Recamply
๐Ÿฅ

Healthcare Security Practices

Recamply implements strong security practices but is not HIPAA-compliant. Do not use with Protected Health Information (PHI) without explicit legal review.

โ›” HIPAA and PHI: Our Clear Position

โ€ขRecamply is not HIPAA-compliant. We are not a HIPAA-covered entity or business associate.
โ€ขWe do not sign Business Associate Agreements (BAAs). No exceptions.
โ€ขDo not use Recamply with Protected Health Information (PHI).
โ€ขUsing Recamply with PHI creates liability for your organization.
โ€ขIf you work in healthcare: Use Recamply for non-PHI administrative work only, or use a HIPAA-compliant alternative.

โš ๏ธ Dental AI Tools โ€” Clinical Disclaimer

Recamply's dental tools generate AI-suggested clinical content only. This content:

โ€ขMUST be reviewed and edited by a licensed dental professional before use
โ€ขIs not a substitute for clinical judgment
โ€ขMay not comply with your state dental board requirements
โ€ขDoes not constitute clinical advice or patient care
โ€ขIs generated by AI and may contain errors

You are solely responsible for compliance with dental licensing requirements and patient safety.

โš ๏ธ General Disclaimer

It is your responsibility to evaluate whether Recamply meets your organization's compliance needs. We strongly recommend consulting with your compliance officer or legal counsel before using Recamply in any regulated environment.

What We Do to Support Privacy

๐Ÿ—‘๏ธ

Limited Data Retention

Transcripts are not intentionally stored in our database unless you choose to save them. However, error monitoring systems (Sentry) may retain partial content in logs for up to 30 days. Browser cache may also retain data. We cannot guarantee zero retention of all traces.

๐Ÿ”

Strong Encryption

Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Passwords are bcrypt hashed.

๐Ÿ”‘

Strict Access Controls

Row Level Security (RLS) ensures users can only access their own data.

๐Ÿšซ

No Recording โ€” No Bot

Recamply never joins meetings or records audio. You control exactly what gets processed.

๐Ÿ“‹

Activity Logging

User actions are logged (logins, data access, deletions). However, these logs may not meet HIPAA Audit and Accountability Rule (164.312(b)) requirements. Consult your compliance officer.

๐Ÿ‘ฅ

Limited Human Access

Transcripts are processed by automated AI systems. Support staff do not intentionally access customer content. However, error logs and support requests may expose partial content.

What Recamply Does NOT Provide

โœ•HIPAA certification or compliance guarantee
โœ•Business Associate Agreements (BAAs) โ€” under any circumstances
โœ•Dedicated healthcare infrastructure
โœ•Legal advice on your compliance obligations
โœ•Guarantee that use with PHI meets your organization's requirements

How Healthcare Teams Use Recamply Responsibly

โœ“Use for internal staff meetings and administrative discussions โ€” not patient consultations
โœ“Remove or anonymize patient identifiers before pasting transcripts
โœ“Use for clinical note templates and documentation workflows where no PHI is entered
โœ“Consult your compliance officer before using in any regulated context
โœ“Use zero-retention mode โ€” do not save recaps containing patient information
Healthcare Organizations

If your organization requires HIPAA compliance or Business Associate Agreements, Recamply is not suitable for your needs. We recommend using a purpose-built HIPAA-compliant alternative.

For general questions about our security practices, contact support@recamply.com.

Security Policy ยท Privacy Policy ยท Terms of Service ยท support@recamply.com