Yobi AI Agents | Trust Center
HIPAA Compliant
Demonstrating our commitment to HIPAA compliance for AI-powered healthcare solutions. View our technical safeguards, security controls, and compliance framework that protect sensitive health information while enabling intelligent customer interactions.
Contact Information
Security Controls
Technical security controls and organizational safeguards currently implemented.
Infrastructure Security
✓
Unique production database authentication enforced
The company requires authentication to production datastores to use authorized secure authentication mechanisms, such as unique SSH key.
✓
Unique account authentication enforced
The company requires authentication to systems and applications to use unique username and password or authorized Secure Socket Shell (SSH) keys.
✓
Production application access restricted
System access restricted to authorized access only
✓
Production database access restricted
The company restricts privileged access to databases to authorized users with a business need.
✓
Remote access MFA enforced
The company's production systems can only be remotely accessed by authorized employees possessing a valid multi-factor authentication (MFA) method.
✓
Remote access encrypted enforced
The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection.
✓
Network firewalls utilized
The company uses firewalls and configures them to prevent unauthorized access.
Organizational Security
✓
Production inventory maintained
The company maintains a formal inventory of production system assets.
✓
Anti-malware technology utilized
The company deploys anti-malware technology to environments commonly susceptible to malicious attacks and configures this to be updated routinely, logged, and installed on all relevant systems.
✓
Password policy enforced
The company requires passwords for in-scope system components to be configured according to the company's policy.
✓
MDM system utilized
The company has a mobile device management (MDM) system in place to centrally manage mobile devices supporting the service.
Product Security
✓
Data encryption utilized
The company's datastores housing sensitive customer data are encrypted at rest.
✓
Control self-assessments conducted
The company performs control self-assessments at least annually to gain assurance that controls are in place and operating effectively. Corrective actions are taken based on relevant findings. If the company has committed to an SLA for a finding, the corrective action is completed within that SLA.
Frequently Asked Questions
Common questions about our security, compliance, and HIPAA protections.
Please email us at security@yobi.app. We take all security reports seriously and respond within 24 hours.
All of our production data is encrypted at rest using AES-256 encryption on secure instances. Data in transit is also encrypted, though some channels like SMS may not support end-to-end encryption.
All of our production servers are located in the United States in SOC 2 compliant data centers with 24/7 physical security monitoring.
Yes, we sign BAAs with healthcare organizations. The specific terms depend on your use case and requirements. To initiate this process, please email us directly at privacy@yobi.app.
We are currently HIPAA compliant and actively working towards SOC 2 Type II certification. We also maintain ongoing security assessments and penetration testing.