HIPAA Eligible Products and Services

The following services have been assessed to meet the requirements of the Security, Breach Notification, and Privacy Rules of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

• Realtime transport with WebRTC and SIP
• Egress (recording and export)
• Ingress (stream ingestion)
• Agent hosting

LiveKit Inference

LiveKit Inference is HIPAA-compliant when the following models are used:

Speech-to-Text

• assemblyai/universal-streaming
• cartesia/ink-whisper
• deepgram/nova-3
• deepgram/nova-3-general
• deepgram/nova-3-medical
• deepgram/nova-2
• deepgram/nova-2-general
• deepgram/nova-2-medical
• deepgram/nova-2-conversationalai
• deepgram/nova-2-phonecall

LLM

• openai/gpt-4o
• openai/gpt-4o-mini
• openai/gpt-4.1
• openai/gpt-4.1-mini
• openai/gpt-4.1-nano
• openai/gpt-5
• openai/gpt-5-mini
• openai/gpt-5-nano
• openai/gpt-oss-120b
• google/gemini-2.5-pro
• google/gemini-2.5-flash
• google/gemini-2.5-flash-lite
• google/gemini-2.0-flash
• google/gemini-2.0-flash-lite
• qwen/qwen3-235b-a22b-instruct
• moonshotai/kimi-k2-instruct
• deepseek-ai/deepseek-v3

Text-to-Speech

• cartesia/sonic
• cartesia/sonic-2
• cartesia/sonic-3
• cartesia/sonic-turbo
• rime/arcana
• rime/mist
• rime/mistv2

Important Note

If you are a Covered Entity or Business Associate as defined by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), you agree to not to use the HIPAA Eligible Services for any purpose or in any manner involving Protected Health Information ("PHI") without first entering into a LiveKit Business Associate Agreement.