Trust & security
How we handle your patients' data.
Smiley Desk routes phone calls — which means we're handling PHI (Protected Health Information). Here's exactly how, and what we've built so you can be comfortable putting Anna on your line.
HIPAA-compliant infrastructure
Anna runs on voice infrastructure (Retell + Twilio) that supports HIPAA-compliant deployments with signed BAAs. Before we go live for your practice, we sign a Business Associate Agreement with you that covers exactly how PHI flows through our system, our breach notification obligations, and our subprocessors.
All call audio and transcripts are encrypted in transit (TLS 1.2+) and at rest (AES-256). Access is logged and restricted to the engineers who need it for operational reasons.
How a call flows
When a patient calls a number forwarded to Anna:
- Twilio receives the call and sends the audio to Anna.
- Speech-to-text converts what the caller says into text in real time.
- Anna's reasoning layer (GPT-4o, deployed under a BAA) decides how to respond, using only your practice's configuration — your hours, services, insurances, and providers.
- Anna's response is converted back to natural speech and sent to the caller.
- If she books an appointment, we write it to your shared calendar and text the caller a confirmation.
Every call generates a transcript and metadata (length, outcome, booking confirmation) that we keep in encrypted storage for your review and audit purposes.
What we do NOT do
- No model training on patient calls. Your patients' audio and transcripts are never used to train or fine-tune any AI model — ours or anyone else's.
- No selling or sharing data. We don't sell, rent, or share patient data with anyone outside the subprocessors required to run the service (voice infrastructure, telephony).
- No third-party advertising. No ad networks, no analytics on call content. Period.
- No medical advice from Anna. Anna is configured to refuse to diagnose or give clinical advice. For clinical questions, she captures a callback and escalates to your team.
Audit and transparency
You get a full call log for every call Anna handles for your practice — caller (if disclosed), date/time, transcript, outcome, and any booking made. You can audit her behavior in real time.
If you ever ask us to delete a specific patient's records, we will do so within 30 days and provide written confirmation.
If you cancel
Within 30 days of ending the service, we return all your data (configuration, call logs, recordings) to you in a portable format and permanently delete it from our systems. You leave with everything; we keep nothing.
Questions about security or compliance?
We're happy to walk through anything in detail before you commit to a pilot — including reviewing our BAA template and subprocessor list. Email arsh@trysmileydesk.com or book a call.
Book a security walkthrough