Is Envoy compliant with HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a US law that covers the electronic transfer and retention of personal medical information.

Envoy is not currently compliant with HIPAA. As such, you shouldn't use Envoy to store sensitive medical data. Read our terms and conditions for more details. For the most up-to-date information from the U.S Department of Health and Human Services click here.

How does Envoy store data?

Your data is yours. All of your visitor data is stored indefinitely while you’re an Envoy customer. We only delete or purge data upon explicit request.

If you choose to end your subscription, Envoy will maintain your data for 30 days after cancellation and will thereafter delete or destroy your data. For more information on this part of our policy, see our Terms of Service.

Responses to Protect employee screening questions will be transmitted over secure channels to Envoy’s servers for processing and removed no more than 24 hours later—we do not retain employee responses to the screening questions unless the Global admin uses our Managing response options feature to specifically retain certain answers. See more here.

Did this answer your question?