Security Overview
Your phones and patient data are mission-critical. Medreception AI is designed with a security-first mindset across our infrastructure, code, and day-to-day operations.
Infrastructure
- Hosted on major cloud providers with hardened baselines
- Network-level segmentation between public endpoints and internal services
- Regular patching and dependency review as part of our dev process
Encryption
- TLS for data in transit between clients and our services
- Encryption at rest for databases, call logs, and recordings where PHI may be present
- Limited retention windows for audio and transcripts, based on your practice's needs
Access Controls
- Role-based access for internal team members with least-privilege defaults
- Multi-factor authentication for administrative consoles
- Audit logging of sensitive administrative actions
Data Segregation
Customer data is logically separated by account to avoid mixing PHI between practices. Within each account:
- Unique identifiers for calls, messages, and AIs per tenant
- Account-level configuration for retention and access
Operational Security & Training
- Restricted access to production data on a need-to-know basis
- Internal policies covering PHI handling and HIPAA basics
- Change management practices for deployments and infrastructure updates
Your Responsibilities
Security is shared. We provide the tools and infrastructure to keep data safe; your practice is responsible for controlling who has access to dashboards, call recordings, and EHR systems, and for enforcing your local policies around PHI and device security.
GET STARTED
Ready to transform your practice with AI?
Get started with our AI Medical Receptionists today and experience the future of patient care and engagement.
Mobile optimized
Animation loads on larger screens to keep taps instant.