Is Voibe HIPAA-compliant?

Voibe is architecturally HIPAA-friendly because dictated audio and transcripts never leave your Mac — there is no PHI for us to receive or process. We are not a HIPAA Business Associate and do not currently sign Business Associate Agreements. Compliance for any specific clinical workflow is the covered entity's responsibility.

Does Voibe sign a Business Associate Agreement (BAA)?

No. Voibe is designed so that PHI never reaches our infrastructure. Because we do not receive, transmit, or store PHI on behalf of a covered entity, the Business Associate relationship that requires a BAA does not apply.

Can I use Voibe to dictate chart notes?

Many clinicians do — for chart notes between appointments, dictating into their EHR or note-taking app. Because transcription happens on your Mac, the patient information you dictate stays on your Mac. You should still confirm that this fits within your organization's information governance and EHR policies.

HIPAA-Friendly Dictation

Voibe is built so that dictated audio and transcripts never leave your Mac. For clinicians, that means PHI you dictate isn't being transmitted to a cloud transcription vendor — it stays on the device you're already using.

This page explains what "HIPAA-friendly" means here, the boundary of what Voibe offers, and the use cases where on-device dictation is the right fit.

The 30-second version

✓ Dictated audio and transcripts never leave your Mac.
✓ No PHI is transmitted to Voibe — there's nothing for us to receive, log, or breach.
⚠ Voibe is not a HIPAA Business Associate and does not currently sign BAAs.
⚠ HIPAA compliance for your overall workflow is your organization's responsibility — Voibe is one part of that picture.

What "HIPAA-friendly" means here

HIPAA's Privacy and Security Rules govern how covered entities and their business associates handle Protected Health Information (PHI). The core question for any tool a clinician introduces into their workflow is: does this tool receive, transmit, or store PHI?

For Voibe, the answer is no.

✓ Audio is captured and transcribed on your Mac. Apple Silicon's Neural Engine runs the model locally. The audio buffer is dropped after transcription — never written to a file we can access, never sent to our servers.
✓ Transcripts go straight into the app you're typing in. Whether that's your EHR, a note-taking app, or a Word document, the text path is local. Voibe keeps a local-only history on your Mac.
✓ What we do collect contains no PHI. Email address (for licensing), usage analytics (counts and feature usage, never content), and crash reports (technical diagnostics, not your dictation).

Because PHI never reaches our infrastructure, we aren't a Business Associate under HIPAA for the purposes of the dictation itself — there's nothing for a Business Associate relationship to govern. That is the architectural argument for why Voibe is a good fit alongside HIPAA workflows. For the technical detail on the pipeline, see How On-Device Dictation Works.

📋

What Voibe doesn't offer

We try to be precise about this so it doesn't surprise anyone in a procurement review.

We do not currently sign Business Associate Agreements (BAAs). Voibe is architected so PHI doesn't reach us, which is precisely why a BAA — which exists to govern PHI handling by a business associate — does not apply to the dictation flow.
We do not hold HIPAA-specific certifications. Voibe also does not currently hold SOC 2 or ISO 27001. See the Security page for our current posture.
We are not an EHR or a clinical documentation product. Voibe is the dictation layer. The systems you dictate into — EHR, note-taking apps, etc. — have their own compliance posture. Confirm those separately.
We can't make compliance claims about your overall workflow. HIPAA looks at the whole environment — device, network, downstream systems, training. Voibe is one component.

📝

Use cases for clinicians

What Voibe-using clinicians and healthcare workers tell us they use it for:

Chart notes between appointments

Dictate the note straight into the EHR field while it's fresh, instead of typing it after the patient has left. The audio stays on the Mac you're already using for the EHR.

Referral letters and reports

Long-form correspondence is faster to dictate than to type. Patient details stay local — there's no cloud transcription vendor in the chain.

Internal documentation

Case discussions, internal memos, peer review notes. Dictation throughput, with the same on-device guarantee.

Custom medical vocabulary

Use Memory to teach Voibe drug names, procedure codes, and abbreviations specific to your specialty. Stored locally, never uploaded.

✅

What to confirm with your team

If you're introducing Voibe into a clinical workflow, here are the questions a compliance or security team will reasonably want answered. Most have factual answers we've put on this site already.

Question	Where to find the answer
Does Voibe receive or transmit PHI?	How On-Device Dictation Works — full pipeline.
What does Voibe collect, and from whom?	Privacy Policy; Security page.
Who are the subprocessors?	Security page — full list.
How are macOS permissions scoped?	Permissions — what each grants and what Voibe cannot do with them.
What is your incident response process?	Security page — Incident response section.

For specific questions a compliance review surfaces, email hi@getvoibe.com and we'll respond directly.

Note. This page is informational and does not constitute legal or compliance advice. HIPAA compliance is determined for the workflow as a whole and is the responsibility of the covered entity. Confirm with your organization's privacy officer before using any new tool with PHI.

Compliance question we haven't covered? Email hi@getvoibe.com.

← Back to Help Center