For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Connect
BlogHelp CenterAPI PricingSign up
OverviewElevenCreativeElevenAgentsElevenAPIAPI referenceChangelog
OverviewElevenCreativeElevenAgentsElevenAPIAPI referenceChangelog
  • Get started
    • Overview
    • Quickstart
  • Configure
    • Overview
    • Voice & language
    • Knowledge base
    • Tools
    • Personalization
    • Authentication
  • Deploy
    • Overview
    • Environment variables
    • WhatsApp
    • Batch calls
  • Monitor
    • Overview
    • Users
    • Testing
    • Experiments
    • Versioning
    • Conversation Analysis
    • Analytics
    • Real-time monitoring
    • Privacy
    • Cost optimization
    • CLI
  • Advanced
    • Events
    • Custom models
    • LLM cascading
    • Post-call webhooks
  • Resources
    • UI components
  • Guides
    • Chat Mode
    • Burst pricing
    • ElevenLabs' docs agent
    • Scaling user interviews
    • Simulate Conversations
      • HIPAA
      • TCPA
      • Disclosure requirement
LogoLogo
Login
Login
Connect
BlogHelp CenterAPI PricingSign up
On this page
  • Overview
  • Controls designed to promote HIPAA compliance
  • Enterprise customers
  • Available LLMs
  • Technical implementation
  • Developer experience
  • API restrictions are enforced
  • FAQ
  • Considerations
  • Related resources
Legal

HIPAA

Learn how ElevenLabs Agents, coupled with Zero Retention Mode, is designed to promote HIPAA compliance for healthcare applications. Please refer to our [compliance page](https://compliance.elevenlabs.io/) for the latest information.
Was this page helpful?
Previous

TCPA Compliance

Understand key TCPA requirements for using AI agents in outbound calling
Next
Built with

Learn how ElevenLabs Agents, coupled with Zero Retention Mode, is designed to promote HIPAA compliance for healthcare applications. Please refer to our compliance page for the latest information.

Overview

ElevenLabs Agents is one of ElevenLabs’ HIPAA-eligible services, and we offer Business Associate Agreements (BAAs) to eligible customers. To the extent Covered Entities and Business Associates, as defined under HIPAA, have executed a BAA and have Zero Retention Mode engaged, ElevenLabs allows such customers to develop AI-powered voice agents for the handling Protected Health Information (PHI). The application of Zero Retention Mode is designed to promote compliance with HIPAA by limiting the processing of such PHI. You can read more about Zero Retention Mode here.

Controls designed to promote HIPAA compliance

When HIPAA compliance is required for a workspace, and to the extent a BAA has been executed with ElevenLabs, the following policies are enabled:

  1. Zero Retention Mode - You can read more about Zero Retention Mode here
  2. LLM Provider Restrictions - Only LLM from providers with whom we have a BAA in place are available as preconfigured options
  3. Storage Limitations - Raw audio files and transcripts containing PHI are not retained

If you want to use LLMs that aren’t available preconfigured in Zero Retention Mode, you can still use them in ElevenAgents by:

  1. Arranging to sign a BAA directly with the LLM provider you’d like to use
  2. Using your API key with our Custom LLM integration
  3. Notify ElevenLabs Support of your intention to use a Custom LLM while Zero Retention Mode is active to have the setting enabled.

To the extent Zero Retention Mode is engaged, ElevenLabs’ platform is designed to ensure that PHI shared as part of a conversation is not stored or logged in any system component, including:

  • Conversation transcripts
  • Audio recordings
  • Tool calls and results
  • Data analytics
  • System logs

For ElevenAgents, your BAA applies only to the extent provided therein. To the extent you wish to forego Zero Retention Mode with respect to any ElevenLabs agent, no PHI should be submitted to the Service in connection therewith, and such agent is no longer deemed a covered service for purposes of the BAA. Notwithstanding anything to the contrary, while ElevenLabs’ ElevenAgents Service, coupled with Zero Retention Mode, is designed to promote compliance with HIPAA, you are fully responsible for ensuring compliance with all obligations applicable to you and for ensuring your use of the Services is compliant with all applicable laws.

Enterprise customers

Execution of a BAA, as may be required by HIPAA, is only available for Enterprise tier subscriptions. Contact your account representative to discuss further. PHI should not be submitted to the ElevenLabs Services unless a BAA is in place and only to the extent permitted under such BAA.

Available LLMs

When operating in Zero Retention Mode, only the following LLMs are available:

Google Models
  • Gemini 2.5 Flash
  • Gemini 2.5 Flash Lite
  • Gemini 2.0 Flash
  • Gemini 2.0 Flash Lite
  • Gemini 1.5 Flash
  • Gemini 1.5 Pro
  • Gemini 1.0 Pro
Anthropic Models
  • Claude Sonnet 4.5
  • Claude Sonnet 4
  • Claude Haiku 4.5
  • Claude 3.7 Sonnet
  • Claude 3.5 Sonnet
  • Claude 3 Haiku
Custom LLMs
  • Custom LLM (supports any OpenAI-API compatible provider and requires you to bring your own API keys)

Technical implementation

Zero Retention Mode implements several safeguards and is designed to:

  1. LLM Allowlist - Prevent use of LLMs except as provided above
  2. PII Redaction - Automatically redact sensitive fields before storage
  3. Storage Prevention - Disable uploading of raw audio files to cloud

Developer experience

When working with Zero Retention Mode agents:

1

LLMs (except the available LLMs as described above) are disabled in the UI

Redacted conversation analysis showing Zero Retention Mode in action

The UI shows disabled LLM options with tooltip explanations
2

Content is redacted from content history

Redacted conversation history showing Zero Retention Mode in action

All sensitive information contained within the prompt or output is redacted and not stored
3

Conversation analysis is limited

Redacted conversation analysis showing HIPAA compliance in action

Minimal information is visible to ElevenLabs given Zero Retention Mode

API restrictions are enforced

API calls attempting to use unavailable LLMs will receive an HTTP 400 error. Analytics data will be limited to non-sensitive metrics only.

FAQ

Can I use any LLM if I am subject to HIPAA?

No. In such case, you can only use LLMs from the approved list. Attempts to use other LLMs will produce an error. You can always use a custom LLM if you need a specific model not on the allowlist.

Can I execute a BAA with ElevenLabs if I am subject to HIPAA?

BAAs are only available to enterprise customers. Please refer to your account executive to discuss further.

Does the application of Zero Retention Mode affect conversation quality?

No. Zero Retention Mode and the execution of a BAA only affects how data is stored and which LLMs can be used. It does not impact the quality or functionality of conversations while they are active.

Can I still analyze conversation data?

Yes, but with limitations. Conversation analytics will only include non-sensitive metadata like call duration and success rates. Specific content from conversations will not be available.

Considerations

When building voice agents, you may consider:

  1. Use Custom LLMs when possible, which may provide enhanced control over data processing
  2. Implement proper authentication for all healthcare applications
  3. Validate configuration is correct by checking redaction before launching + passing PHI

Related resources

ElevenAgents Security

Learn about securing your ElevenLabs agents

Custom LLM Integration

Set up your own LLM for maximum control and compliance