By Sagar Shankaran, Founder of CallSphere
A practical comparison of which large model providers will sign a BAA in 2026, what is covered, and how to wire them into a HIPAA-aligned AI voice agent stack.
Key takeaways
Picking the wrong model in a healthcare voice agent is not a performance bug. It is a HIPAA breach waiting to be discovered.
```mermaid
flowchart LR
Patient["Patient call/chat"] -- "TLS 1.3" --> Edge["Cloudflare WAF"]
Edge --> App["CallSphere App<br/>HIPAA + SOC 2 aligned"]
App -- "encrypted" --> AI["AI Voice Agent"]
AI -- "tool_call · audit" --> Audit[("Audit log<br/>§164.312")]
AI --> EHR[("EHR · BAA-signed")]
EHR --> AI
AI --> Patient
```

HIPAA at 45 CFR 164.502(e) requires a covered entity to obtain a BAA from any business associate that creates, receives, maintains, or transmits PHI. That obligation flows down to every subcontractor under 45 CFR 164.308(b)(2). A large language model provider that ingests prompts containing PHI is unambiguously a business associate. Unless that provider has signed a BAA and the specific endpoint or product line you call is in scope for that BAA, the data flow is non-compliant the moment a real patient name enters a prompt.
In 2026 there are four serious provider tracks for HIPAA-eligible large-model usage: OpenAI's API platform, Anthropic Claude, Google Vertex AI, and AWS Bedrock. Each has different scope, different procurement paths, and different operational gotchas.
OpenAI signs BAAs for the API platform on direct request to baa@openai.com, and for the new ChatGPT for Healthcare and ChatGPT Enterprise products through sales-managed accounts. Consumer ChatGPT, ChatGPT Plus, and ChatGPT Business are not BAA-eligible. Eligible API endpoints support zero data retention (ZDR), which is the operational pattern most healthcare buyers run. Note that ZDR is a separate configuration from the BAA: signing the BAA does not by itself switch retention off, so confirm the ZDR status of the account and the specific endpoints before PHI flows.
Anthropic offers HIPAA-ready Claude through enterprise plans on direct contracts and — more commonly — through AWS Bedrock, Google Vertex AI, and Microsoft Azure where the underlying cloud BAA covers the model. Consumer Claude.ai is not BAA-eligible.
Google Cloud signs a BAA that covers Vertex AI, Gemini API on Vertex, and the Healthcare API. The BAA must be in place at the Google Cloud organization level, and the regulated-data flag should be enabled at the project level for all PHI-bearing workloads.
AWS signs a BAA self-service through AWS Artifact at no additional cost. As of February 2026, the HIPAA Eligible Services Reference includes Amazon Bedrock, Bedrock AgentCore, Amazon Polly, Amazon Transcribe (including Transcribe Medical), Amazon Comprehend Medical, and Amazon Lex. The BAA applies account-wide but only covers eligible services — using a non-eligible service for PHI is a breach even if the BAA is signed.
CallSphere routes every healthcare prompt only to BAA-eligible model deployments. Our Healthcare Voice Agent uses OpenAI realtime endpoints under a signed OpenAI BAA with zero data retention, with Claude on AWS Bedrock as a fallback under the AWS BAA. Speech-to-text uses Amazon Transcribe Medical, text-to-speech uses Amazon Polly — both BAA-covered. Telephony runs on Twilio Programmable Voice with a signed Twilio BAA. Across our 90+ tools and 115+ database tables, every model call is logged with the provider, the model, the BAA reference number, the prompt size, and the response classification — so an auditor can verify in seconds that a given PHI flow only touched eligible providers. See our healthcare overview at /industries/healthcare and full pricing at /pricing.
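The routing and logging pattern described above (fail-closed allow-list of BAA-covered deployments, fallback to a second covered deployment, and an audit line per model call) can be made concrete. The following is an added example, not CallSphere's code and not any provider's SDK: the deployment registry, the BAA reference strings, the `contains_phi` flag (assumed to come from an upstream classifier) and the JSON-lines audit layout are all assumptions. It also includes an offline check over audit lines that an auditor could run to find any PHI call that reached a non-covered service, which is the account-wide-BAA-but-per-service-scope gotcha from the AWS paragraph.

```python
"""Fail-closed routing of PHI-bearing prompts to BAA-covered deployments, plus the
per-call audit record and an offline check over audit lines.  Added example, not
CallSphere's code; the registry, BAA reference strings and log layout are assumed."""
import json
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Iterable, List, Optional


@dataclass(frozen=True)
class Deployment:
    name: str                 # our own label for the endpoint
    provider: str             # party we hold the BAA with: openai / aws / google / anthropic
    service: str              # product actually called; AWS covers only eligible services
    model: str
    baa_ref: Optional[str]    # signed-BAA reference, None when no BAA covers this path
    zero_retention: bool      # zero data retention / no-training configured on the endpoint


# Constructed registry with hypothetical BAA reference numbers (assumption).
REGISTRY = [
    Deployment("openai-realtime", "openai", "api-platform", "gpt-realtime", "BAA-OAI-0001", True),
    Deployment("claude-bedrock", "aws", "bedrock", "anthropic.claude-sonnet", "BAA-AWS-0001", True),
    Deployment("polly-tts", "aws", "polly", "neural", "BAA-AWS-0001", True),
    Deployment("claude-consumer", "anthropic", "claude.ai", "claude-sonnet", None, False),
    Deployment("chatgpt-plus", "openai", "chatgpt-plus", "gpt-4o", None, False),
]

# The AWS BAA is account-wide but covers only services on the HIPAA Eligible
# Services Reference; mirror the subset the text lists so scope is checked per call.
AWS_HIPAA_ELIGIBLE = {"bedrock", "bedrock-agentcore", "polly", "transcribe",
                      "transcribe-medical", "comprehend-medical", "lex"}


def baa_covers(provider: str, service: str, baa_ref: Optional[str]) -> bool:
    """True only if a signed BAA exists AND it is in scope for this service."""
    if baa_ref is None:
        return False
    if provider == "aws":
        return service in AWS_HIPAA_ELIGIBLE
    return True


class PhiRoutingError(RuntimeError):
    """Raised instead of silently falling through to a non-eligible endpoint."""


def select_deployment(contains_phi: bool, preference: List[str]) -> Deployment:
    """Walk the preference list; a PHI prompt may only go to a deployment that is
    BAA-covered and configured for zero retention.  Fail closed if none qualifies."""
    by_name = {d.name: d for d in REGISTRY}
    for name in preference:
        d = by_name[name]
        eligible = baa_covers(d.provider, d.service, d.baa_ref) and d.zero_retention
        if not contains_phi or eligible:
            return d
    raise PhiRoutingError("no BAA-covered zero-retention deployment in preference list; refusing PHI")


def audit_record(d: Deployment, prompt: str, contains_phi: bool, response_class: str) -> dict:
    """One audit entry per model call.  Deliberately stores the prompt SIZE, not the
    prompt: an audit log that contains PHI is itself PHI and widens the BAA surface."""
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "provider": d.provider, "service": d.service, "model": d.model,
        "baa_ref": d.baa_ref, "zero_retention": d.zero_retention,
        "prompt_bytes": len(prompt.encode("utf-8")),
        "contains_phi": contains_phi, "response_class": response_class,
    }


def audit_line(rec: dict) -> str:
    """Serialize one record as a JSON line for an append-only audit sink."""
    return json.dumps(rec, sort_keys=True)


def find_violations(lines: Iterable[str]) -> List[dict]:
    """Offline check an auditor could run over JSON-lines audit output: flag every
    PHI-bearing call that touched a provider/service without in-scope BAA coverage."""
    bad = []
    for line in lines:
        rec = json.loads(line)
        covered = baa_covers(rec["provider"], rec["service"], rec["baa_ref"]) and rec["zero_retention"]
        if rec["contains_phi"] and not covered:
            bad.append(rec)
    return bad


if __name__ == "__main__":
    # Constructed prompt; the PHI flag would come from an upstream classifier (assumption).
    prompt = "Patient Jane Roe, DOB 1980-01-01, asks to reschedule her MRI."
    chosen = select_deployment(True, ["chatgpt-plus", "openai-realtime", "claude-bedrock"])
    print(audit_line(audit_record(chosen, prompt, True, "scheduling")))
```

Two design points: the preference list deliberately includes a non-eligible endpoint to show that the router skips it rather than erroring for non-PHI traffic, and the audit record carries enough (provider, service, BAA reference, retention flag) for `find_violations` to re-derive eligibility from the log alone, without trusting the router's runtime decision.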
Is consumer ChatGPT HIPAA-compliant? No. Consumer ChatGPT, ChatGPT Plus, ChatGPT Free, and ChatGPT Business are not BAA-eligible. Only the OpenAI API platform under a signed BAA, ChatGPT Enterprise, ChatGPT Edu, and ChatGPT for Healthcare are HIPAA-ready paths.
Which Claude products are HIPAA-ready? Anthropic's Enterprise plan with a signed BAA, plus Claude on AWS Bedrock and Claude on Google Vertex AI under the underlying cloud BAA. Claude.ai consumer tiers are not BAA-eligible.
Can I use AWS Bedrock for PHI today? Yes. As of February 2026 the HIPAA Eligible Services Reference includes Amazon Bedrock and Bedrock AgentCore, and the BAA is self-serve in AWS Artifact at no charge. Eligibility is per service and the list changes, so check the reference at the time you deploy rather than relying on the account-wide BAA alone.
Does CallSphere route PHI to consumer endpoints? Never. We have hard provider allow-lists and route healthcare prompts only to BAA-covered endpoints with zero data retention.
Written by
Sagar Shankaran · Founder, CallSphere
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.
© 2026 CallSphere LLC. All rights reserved.