Deske
Get started

HIPAA & BAA status

Last updated: 2026-05-02

What we are

Deske is software-as-a-service for scheduling and front-office workflows at independent practices. Deske is not a HIPAA-covered entity, and we do not currently offer Business Associate Agreements (BAAs) to customers.

What you should not do

  • Do not send protected health information (PHI) through Deske notifications, SMS messages, or voice agent prompts.
  • Do not configure your voice agent or appointment templates to handle clinical detail beyond what is required to schedule a visit.
  • Do not rely on Deske as a substitute for a HIPAA-compliant patient communication system.

What we do

  • Calls are encrypted in transit and at rest.
  • Default appointment confirmation language avoids sensitive health detail.
  • The voice agent operates as a scheduling and front-office assistant — no diagnosis, no medical or dental advice, no emergency triage.
  • If a caller mentions an emergency, the agent says to hang up and call 911.

Roadmap

We may pursue a HIPAA-ready posture (BAA-eligible deployment) for healthcare practices in the future. Until that lands and is independently reviewed, do not treat Deske as HIPAA-compliant.

Reach us

Email security@deske.ai with compliance-related questions.

HIPAA & BAA status · Deske