Which SignalWire products are covered under the BAA?

SignalWire's BAA covers all communications processed through SignalWire's own services: Programmable Voice, AI Agents, Messaging (SMS/MMS), Call Recording and Transcription, Video Conferencing, and Programmable Fax. Traffic routed through third-party carriers or systems outside SignalWire's platform is not covered under the BAA.

Can I use SignalWire for telehealth or healthcare communications?

Yes. SignalWire supports secure voice, messaging, and video communications suitable for telehealth and healthcare workflows.

Does SignalWire require an enterprise contract to get a BAA?

No. Unlike many providers that restrict BAAs to enterprise tiers, SignalWire offers BAAs to all customers. HIPAA compliance coverage across all of SignalWire's APIs is available for startups and growth-stage health tech companies without enterprise-level red tape.

BAA-HIPAA Compliance

Q: How can I request a BAA?

Reach out via the Contact Sales form or email your customer success manager directly. Once we understand your use case, we'll guide you through the next steps, including pricing, documentation, and BAA review.

Build Compliant Applications Without Slowing Down

HIPAA compliance is non-negotiable, but it doesn’t have to slow your team down. SignalWire’s Business Associate Agreement covers voice, messaging, fax, AI workflows, and video traffic that runs on SignalWire’s platform—with all features included, no surprises, and lower total cost of ownership.

Programmable Voice & Video: Initiate, Control, and Route Calls Using REST APIs

TLS/SRTP encryption in transit
Dynamic start/stop call recording
Real-time transcription and translation
AI-driven flows with mid-call context switching

Call Flows & IVRs: Build Flexible Voice or DTMF IVRs

Sandboxed execution and event-based routing
Role-based access and PHI-aware branching
Seamless handoffs to AI or human agents

Fax APIs: Send and Receive Faxes over PSTN or SIP

TIFF and PDF support with delivery receipts
TLS-secured transmission
Real-time status callbacks and PHI-safe document handling

Learn More

SMS & MMS: Use REST APIs to send and receive over TLS

Delivery status callbacks, message queuing
Number pooling and traffic segmentation
BAA-compliant messaging when handling PHI

Verified Messaging: Enhance message deliverability and traceability

10DLC, toll-free, and short code support
Retry logic and delivery error visibility
Audit-ready message logs

Two-Factor Authentication: Secure user access via SMS or Voice

OTP support with expiration windows and rate limiting
Webhook callbacks for verification tracking
Compliant for patient portals, EHR logins, and more

Learn More

AI Agents: Build intelligent, human-like AI voice bots

Natural language understanding (NLU) and context management
PHI-aware routing and secure memory handling
Workflow triggers via SignalWire AI Gateway (SWAIG) and backend integrations

Datasphere API: Power agents with real-time access to indexed knowledge using Retrieval-Augmented Generation (RAG)

Define data access with governance policies
Contextual, explainable retrieval of structured and unstructured content
Ideal for Insurance eligibility checks, patient FAQs, care protocols

SignalWire AI Gateway (SWAIG): Expose business logic and APIs to AI Agents securely

Declarative function definitions with schema validation
Parameter filtering and PHI boundary enforcement
Supports JSON, text, or SWML-formatted responses

Learn More

Frequently Asked Questions

What is a BAA, and why do I need one?

A BAA (Business Associate Agreement) is a legally required contract under HIPAA that ensures SignalWire will properly handle and safeguard any Protected Health Information (PHI) you process through our platform. If you're a healthcare provider, vendor, or platform handling PHI — via voice, SMS, AI, fax, or video — you must have a signed BAA in place to remain compliant.

What products and services are covered under SignalWire's BAA?

There's no need to mix vendors or check eligibility product-by-product. The BAA applies to communications processed by SignalWire services. Traffic routed through third-party carriers, providers, or systems outside SignalWire is not covered.

Programmable Voice
AI Agents
Messaging (SMS, MMS)
Call Recording & Transcription
Video Conferencing
Programmable Fax

Do I need to be an enterprise customer to get a BAA?

No. Unlike many providers that restrict BAAs or compliant products to enterprise plans, SignalWire offers BAAs and compliant products to all customers. We believe compliance shouldn't require enterprise-level red tape. Once our team has a better understanding of your use case, we'll guide you through pricing, documentation, and BAA review.

How long does it take to get a signed BAA?

Most BAAs can be reviewed and executed within a few business days. SignalWire uses a standardized agreement to speed up the legal process, and we're happy to coordinate with your security or compliance team as needed.

What certifications is SignalWire compliant with?

SignalWire is SOC 2 Type II compliant, and aligns with GDPR, CCPA, and PCI-DSS standards. These frameworks support the security and compliance posture required by HIPAA and other regulated environments. To learn more about our certifications, visit our Compliance Center.

Does the BAA cover traffic if I use my own carrier or route calls outside SignalWire?

No. The BAA covers the use of SignalWire services. If you bring your own carrier, use another provider, or route media or signaling outside of SignalWire, that portion is outside the scope of SignalWire's BAA.

How can I request a BAA?

Reach out via our Contact Sales form or email your customer success manager directly. Once we understand your use case, we'll guide you through the next steps, including pricing, documentation, and BAA review.

Compliant communications built
for regulated industries without
enterprise pricing.

Build Compliant Applications Without Slowing Down

Inside the SignalWire Stack

“SignalWire’s HIPAA-compliant platform gives us the confidence to communicate with families securely and at scale — it’s become a lifeline for our patients.”

Compliance-Ready Solutions

Telehealth Voice & Video

Financial Support Systems

Voice AI Agents

Insurance Verification Systems

Flexible BAA Plans for HIPAA-Compliant Communications

Frequently Asked Questions

Build Securely and Confidently with SignalWire