HIPAA Compliance & Healthcare Use

Last updated: May 13, 2026

Available on: Mac, Windows, iOS, Android. BAA signing is supported on Mac, Windows, and iOS. Full enterprise HIPAA controls require an Enterprise plan on desktop.

If you dictate clinical notes, patient records, or other PHI, Wispr Flow supports HIPAA-compliant workflows — including Business Associate Agreements, Privacy Mode for zero data retention, and enterprise data controls.


What it is

Wispr Flow's HIPAA program covers three areas: infrastructure safeguards that protect PHI at the system level, Business Associate Agreements (BAAs) that formalize data handling obligations, and Privacy Mode plus enterprise controls that give organizations direct control over data retention. Together these meet HIPAA's administrative, physical, and technical safeguard requirements.


When to use it

Use HIPAA compliance features when you want to:

  • Dictate clinical notes, patient records, or other PHI using voice.

  • Ensure zero data retention for sensitive healthcare dictation.

  • Formalize data handling obligations with a signed Business Associate Agreement.

  • Enforce organization-wide privacy and data policies for your healthcare team.


How it works

Overview

Wispr Flow combines system-level safeguards, signed BAAs, and Privacy Mode to keep PHI protected throughout dictation and transcription. Enterprise administrators get additional controls to enforce these protections across their organization.

Key safeguards

  • Encryption: PHI is encrypted in transit and at rest.

  • Access controls: PHI access is limited to authorized personnel only.

  • Audit logging: PHI access and system activities are logged.

  • Incident response: Breach notification procedures are in place.

  • Security assessments: Regular security reviews and updates are performed.

  • Network security: Content Security Policy enforcement restricts all connections to approved HTTPS domains, prevents navigation to unapproved origins, and blocks permission requests from non-HTTPS sources.

  • Offline enforcement: Enterprise settings (including ZDR and data policies) are cached locally and remain enforced during network connectivity issues.

Business Associate Agreements (BAAs)

Wispr Flow enters into BAAs with covered entities and other business associates. Each BAA covers permitted uses and disclosures of PHI, safeguarding requirements, breach notification obligations, subcontractor management, individual and covered entity rights, and termination and data return provisions.

Privacy Mode for PHI protection

Enable Privacy Mode for any account that handles PHI. With Privacy Mode on:

  • Zero data retention: No dictation data is stored or used for model training by Wispr or any third party.

  • No PHI persistence: No PHI remains on Wispr Flow systems after transcription.

  • Subprocessor compliance: Subprocessors are contractually bound to the same zero-retention requirements.

  • Server-side enforcement: Wispr's servers independently verify Privacy Mode, ZDR, and HIPAA BAA status on every upload, providing protection even if a client-side issue occurs.

Note: After a HIPAA BAA is signed (individually or at the organization level), Privacy Mode is permanently locked on and the toggle is disabled. On iOS, the description changes to indicate Privacy Mode is enforced. Privacy Mode is also permanently locked on when your organization's administrator enables Zero Data Retention (ZDR).

Warning: Submitting a feedback report through the app automatically includes app preferences and log files (on desktop). If you report a specific transcription from your history, that report may also include the transcript text and audio recording. Avoid submitting reports that may contain PHI. Transcript-specific feedback submissions intentionally bypass server-side Privacy Mode, ZDR, and HIPAA sanitization — because the user explicitly opted to share that transcript by reporting it.

Notes (Scratchpad) behavior with a BAA

When a HIPAA BAA is signed or Privacy Mode is enabled, Notes behavior changes on iOS:

  • AI summary button: The AI summary option on note cells is hidden.

  • Spotlight indexing: Note content is not indexed in iOS Spotlight search, so notes cannot be found from the system search screen.

  • Note syncing: Notes sync is restricted when Privacy Mode is enabled or a HIPAA BAA has been signed. The only override is a server-side experiment.

  • Siri intent donations: Siri intent donations (which power Shortcuts suggestions) are disabled, though the Siri Shortcuts themselves remain registered and usable.

Note: These restrictions are determined client-side based on Privacy Mode or BAA status. Wispr can lift them for individual users via a server-side experiment, but they are not centrally administered toggles.

Enterprise data controls

Enterprise administrators have additional data controls for HIPAA compliance:

  • Zero Data Retention (ZDR): Enforces Privacy Mode for all organization members. ZDR cannot be disabled after a BAA is signed. Wispr may also lock ZDR on for your organization — contact support to modify if needed.

  • Local Data Policy: Choose between normal storage, automatic deletion after 24 hours, or never storing data locally. This applies to locally stored AI polish and rewrite data in addition to transcription history. When an enterprise sets a Local Data Policy, individual users can only choose options at the same or more restrictive level.

  • Hide Improve Model: When enabled, prevents data sharing for model improvement at the system level for all enterprise members, regardless of individual user toggle state. Configurable by enterprise admins through the admin portal.

  • SSO / SAML: Enterprise single sign-on is available. SCIM-provisioned users authenticate via SSO through your identity provider. SSO enforcement requires an active enterprise subscription.

  • SCIM provisioning: Manage team membership entirely through your identity provider. SCIM provisioning respects your enterprise seat cap — if the limit is reached, new users are not provisioned until capacity is available. When SCIM directory sync is active, manual member management through the admin portal is disabled.

Note: ZDR and Local Data Policy settings are only available on the Enterprise plan and can only be modified by organization administrators (Admin, SuperAdmin, or ItAdmin roles).
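The settings described above interact in a few specific ways: Privacy Mode locks on once a BAA is signed or ZDR is enabled, the Local Data Policy a user can pick is never less restrictive than the organization's, Hide Improve Model overrides the user's own toggle, the last-known enterprise policy stays enforced when the client is offline, and the server re-checks retention status on every upload instead of trusting the client. The following Python model is an added example written for this article, not Wispr Flow's code; every class and function name in it is an assumption, and it illustrates the resolution rules from the "Key safeguards", "Privacy Mode for PHI protection" and "Enterprise data controls" sections.

```python
"""Added illustration (not Wispr Flow's code) of how the privacy settings
documented above could be resolved. Names and structure are assumptions."""
from dataclasses import dataclass
from enum import IntEnum
from typing import List, Optional


class LocalDataPolicy(IntEnum):
    """Ordered least to most restrictive so max() picks the stricter choice."""
    NORMAL = 0            # keep transcription history locally
    DELETE_AFTER_24H = 1  # purge local history after 24 hours
    NEVER_STORE = 2       # never write history to disk


@dataclass
class OrgSettings:
    zdr_enabled: bool = False
    baa_signed: bool = False
    hide_improve_model: bool = False
    local_data_policy: LocalDataPolicy = LocalDataPolicy.NORMAL


@dataclass
class UserSettings:
    privacy_mode: bool = False
    baa_signed: bool = False
    improve_model: bool = False
    local_data_policy: LocalDataPolicy = LocalDataPolicy.NORMAL


@dataclass
class EffectivePolicy:
    privacy_mode: bool
    privacy_mode_locked: bool   # True means the toggle is disabled in the UI
    improve_model: bool
    local_data_policy: LocalDataPolicy
    from_cache: bool            # org policy came from the offline cache


def resolve(user: UserSettings, org: Optional[OrgSettings],
            cached_org: Optional[OrgSettings] = None) -> EffectivePolicy:
    """Client-side resolution. org=None means the enterprise settings could
    not be fetched; the locally cached copy (if any) is enforced instead."""
    from_cache = org is None and cached_org is not None
    org = org if org is not None else (cached_org or OrgSettings())
    # A signed BAA (user or org level) or org-wide ZDR locks Privacy Mode on.
    locked = user.baa_signed or org.baa_signed or org.zdr_enabled
    privacy_mode = user.privacy_mode or locked
    # Hide Improve Model and Privacy Mode both win over the user's toggle.
    improve_model = (user.improve_model
                     and not org.hide_improve_model
                     and not privacy_mode)
    return EffectivePolicy(
        privacy_mode=privacy_mode,
        privacy_mode_locked=locked,
        improve_model=improve_model,
        # Users may only choose the org level or a stricter one.
        local_data_policy=max(user.local_data_policy, org.local_data_policy),
        from_cache=from_cache,
    )


def allowed_local_data_choices(org: OrgSettings) -> List[LocalDataPolicy]:
    """Options a user may still pick: same level as the org policy or stricter."""
    return [p for p in LocalDataPolicy if p >= org.local_data_policy]


@dataclass
class ServerAccountRecord:
    """What the server holds about the account; this, not the client, is
    authoritative (assumed shape)."""
    privacy_mode: bool = False
    baa_signed: bool = False
    org_zdr: bool = False


def server_may_retain(client_claims_retention_ok: bool,
                      record: ServerAccountRecord) -> bool:
    """Server-side check run on every upload. The client's flag is consulted
    only when nothing on the server side forbids retention, so a buggy or
    stale client cannot cause dictation data to be kept."""
    if record.privacy_mode or record.baa_signed or record.org_zdr:
        return False
    return client_claims_retention_ok


if __name__ == "__main__":
    # Constructed sample: org enforces ZDR and 24-hour local deletion,
    # user has Privacy Mode off and Improve Model on.
    org = OrgSettings(zdr_enabled=True,
                      local_data_policy=LocalDataPolicy.DELETE_AFTER_24H)
    user = UserSettings(privacy_mode=False, improve_model=True)
    print(resolve(user, org))
    print(allowed_local_data_choices(org))
    print(server_may_retain(True, ServerAccountRecord(baa_signed=True)))
```

The point of splitting `resolve` (client) from `server_may_retain` (server) is the one the article makes under "Server-side enforcement": the client computes a policy for its own UI and local storage, but retention is decided again on the server from its own account record, so the two can disagree only in the safe direction.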


How to sign a BAA

Individual users sign the BAA directly within the Wispr Flow app. Enterprise administrators sign through the admin portal.

Note: The BAA document is loaded from Wispr's servers and requires an internet connection to view.

Individual users (Mac and Windows)

Sign the BAA from in-app settings:

  1. Open Wispr Flow and go to Settings → Data & Privacy.

  2. Click "View and accept" next to the HIPAA BAA option.

  3. Review the BAA document, enter your legal name, and click "I Agree."

The "I Agree" button is disabled until you enter your name. Once signed, the button changes to "View" and opens the BAA document directly.

Enterprise administrators

Sign on behalf of your organization through the admin portal:

  1. Open Wispr Flow and go to Settings → Data & Privacy.

  2. Click "Open admin portal" to manage the BAA for your organization.

The "Open admin portal" button appears for any enterprise user with an active subscription who has not yet signed — not exclusively for admins. After any enterprise user signs the BAA, their button becomes "View."

iOS

Sign the BAA directly on your device:

  1. Open Wispr Flow and go to Settings.

  2. Tap the HIPAA BAA option in the Data & Privacy section.

  3. Review the PDF, enter your legal name, and tap "I Agree."

After signing on iOS, the BAA PDF remains embedded in the view and you'll see "This action cannot be undone" below the embedded PDF. There is no separate "View" button on iOS.

Warning: Signing the BAA is irreversible and permanently enforces Privacy Mode (zero data retention). Once signed, you can view the BAA document but cannot re-sign or revoke it.

Tip: Contact your account representative for assistance with BAA signing.


How to enable Privacy Mode

Note: Privacy Mode is also offered as a choice during initial app setup. Enterprise users will have Privacy Mode pre-selected and locked during onboarding.

Mac and Windows

Turn on Privacy Mode from Settings:

  1. Open Wispr Flow and go to Settings → Data & Privacy.

  2. Enable the Privacy Mode toggle. None of your dictation data will be stored or used for model training.

iOS

Turn on Privacy Mode from Settings:

  1. Open Wispr Flow and go to Settings.

  2. Enable the Privacy Mode toggle. None of your dictation data will be stored or used for model training.

Android

Turn on Privacy Mode from Settings:

  1. Open Wispr Flow and go to Settings.

  2. Enable the Privacy Mode toggle in the Data & Privacy section.

Note: Android supports Privacy Mode but does not enforce enterprise privacy policies — the toggle remains user-controllable regardless of organization settings. Android does not support BAA signing or enterprise data controls.


FAQs

How does Wispr Flow handle subprocessors?

All subprocessors that may access PHI execute appropriate Business Associate Agreements, maintain HIPAA-compliant security controls, and adhere to zero data retention when Privacy Mode is enabled. For a current list of subprocessors, see the Subprocessors & Third-Party Security article.

What happens if there's a data breach?

Wispr Flow follows HIPAA-aligned breach notification procedures. Covered entities are notified without unreasonable delay, and no later than 60 days after breach discovery. Notification includes identities of affected individuals and details needed for covered entity notifications.

Does Wispr Flow support individual rights under HIPAA?

Yes. Wispr Flow supports covered entities in fulfilling individual rights under HIPAA, including the right to access PHI, request amendments, receive an accounting of disclosures, and request restrictions.

How does Wispr Flow handle the minimum necessary standard?

Wispr Flow limits PHI use, disclosure, and access to the minimum necessary to accomplish the intended purpose, consistent with HIPAA requirements and BAA obligations.

What training do Wispr Flow employees receive?

All Wispr Flow employees undergo security and privacy training upon hire, annual refresher training on HIPAA requirements, and role-specific training for personnel with PHI access.


Limitations and notes

  • BAA signing is available on Mac, Windows, and iOS. Android does not support BAA signing.

  • Privacy Mode is available on Mac, Windows, iOS, and Android. On Android, the Privacy Mode toggle in Settings is always user-controllable. Enterprise privacy enforcement is applied only during onboarding for enterprise users, not in the Settings screen.

  • Full enterprise HIPAA features (ZDR enforcement, Local Data Policy, BAA management) require an Enterprise plan and are administered from the desktop app.

  • Organizations using SCIM directory sync have user management controlled entirely through their identity provider.

  • On iOS, notes sync is restricted when Privacy Mode is enabled or a HIPAA BAA has been signed (subject to a server-side experiment override).


Still need help?

Reach out if you have questions about Wispr Flow's HIPAA compliance program:

  • Contact your account representative for BAA or compliance questions — include your organization name and plan.

  • Request HIPAA compliance documentation under NDA.

  • Review the Data Processing Addendum for data handling details.