> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pipecat.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# HIPAA

> HIPAA compliance for Pipecat Cloud

Pipecat Cloud provides HIPAA-compliant infrastructure for healthcare applications that need to process Protected Health Information (PHI).

## Infrastructure Compliance

Pipecat Cloud's infrastructure meets HIPAA controls for:

* Data processing
* Data transmission
* Secure handling of PHI

## Data Logging with HIPAA Controls

When HIPAA controls are enabled for your account:

**No application data is logged** - This includes conversation history and any PHI that may be contained in your application logs.

**Rationale**: Pipecat follows the HIPAA "minimum necessary" rule by logging only what's essential to run the service, rather than storing your PHI data.

**Alternative logging**: Configure an independent logging solution to route your application logs to your own secure log storage system.

## Business Associate Agreement (BAA)

Daily can sign a Business Associate Agreement covering:

* Pipecat Cloud
* Daily WebRTC infrastructure
* Daily transcription services

A single BAA covers all these services.

## Getting Started

Contact us at [help@daily.co](mailto:help@daily.co) to:

* Enable HIPAA controls for your account
* Sign a Business Associate Agreement
* Learn more about HIPAA compliance features