Plan your dream trip with Cresta AI Agent at CCW Las Vegas – Learn more

  • Products
    Back
    PLATFORM
    AI Platform
    Cresta is the enterprise-grade Gen AI platform built for the contact center and trained on your data.
    • Cresta Opera
    • Integrations
    • Responsible AI
    PRODUCTS
    AI Agent
    Cut costs, not quality, with human-centric AI agents you can trust
    Agent Assist
    Harness real-time generative AI to empower agents with unmatched precision and impactful guidance.
    • Knowledge Assist
    • Auto-Summarization
    Conversation
    Intelligence
    Discover and reinforce the true drivers of contact center performance.
    • Cresta Insights
    • Cresta Coach
    • Cresta Quality Management
    • Cresta AI Analyst
  • Solutions
    Back
    USE CASES
    Sales
    Discover and reinforce behaviors that accelerate revenue growth
    Customer Care
    Deliver brand-defining CX at a lower cost per contact
    Retention
    Transform churn risks into
 lifelong promoters
    Collections
    Accelerate collections while minimizing compliance risk
    INDUSTRIES
    Airlines
    Automotive
    Finance
    Insurance
    Retail
    Telecommunications
    Travel & Hospitality

    Why Transcription Performance Is Holding Back Your AI Strategy

    LEARN MORE
  • Customers
    Back
    Customer Stories
    Learn how Cresta is delivering lasting value for our customers.
    • CarMax
    • Oportun
    • Brinks Home
    • Snap Finance
    • Vivint
    • Cox Communications
    • Holiday Inn
    • A Top Telecom
    • View all case studies

    Our Own Zero to One: Lessons Learned in Building The Brinks Home AI Agent

    LEARN MORE
  • Resources
    Back
    Resources Library
    • Webinars
    • Ebooks
    • Reports
    • Solution Briefs
    • Data Sheets
    • Videos
    • Infographics
    • Media Coverage
    • Press Releases
    Blog
    Industry News
    Help Center
    Solution Bundles

    AI Maturity Blueprint: A Practical Guide to Scaling AI Adoption in the Contact Center

    LEARN MORE
  • Company
    Back
    About Cresta
    Careers
    Trust
    Customers
    Partners

    We’re Going Global! Cresta Expands to APAC and EMEA

    READ THE POST
Request a demo
Request a demo
  • Cresta Blog
  • Company News

Cresta’s Commitment to HIPAA

Cresta furthers its commitment to security and privacy through the support for HIPAA compliance.

HIPAA and Cresta

Today, Cresta is excited to announce that it has met the requirements set forth by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as a business associate. With this announcement, covered entities and business associates subject to HIPAA can use Cresta’s HIPAA-eligible products and may execute a Business Associate Agreement (BAA) with Cresta.

Why HIPAA?

Our customer base at Cresta consists of Fortune 100 companies who care greatly about the security and privacy of their data. Cresta currently maintains compliance with SOC 2 Type II, ISO/IEC 27001:2013, ISO/IEC 27701:2019, and PCI-DSS SP Level 2 in effort to reinforce our belief that the protection of customer data is of top importance. HIPAA is a natural next step for us in this journey to be able to serve an even wider array of clients who operate in or with the healthcare industry.

HIPAA and HITECH

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. Federal Law imposed on covered entities (i.e. healthcare providers, health plans, healthcare clearinghouses) to protect the privacy and security and protected health information (PHI) and electronic personal health information (ePHI). The scope of HIPAA was expanded in 2009 with the introduction of the Health Information Technology for Economic and Clinical Health Act (HITECH), and sets additional technical standards with respect to the confidentiality, integrity, and availability of PHI/ePHI.

When a covered entity wants to use a third party vendor that processes or stores PHI/ePHI, such as Cresta, the third party vendor would be classified as a business associate under HIPAA. These business associates are also subject to the HIPAA standard and must provide covered entities (and other business associates) with a Business Associate Agreement (BAA). This agreement outlines the business associate’s safeguards for the protection of PHI/ePHI, and clarifies the permitted and required uses and disclosures of PHI/ePHI by the business associate.

Ongoing Efforts

HIPAA compliance is not a one-and-done milestone – it’s a commitment that Cresta will continually audit and safeguard its environment to ensure the ongoing security and privacy of customer data. Cresta has over 100 employees globally and a dedicated security and compliance team to help strengthen the security of our company and product offerings as we continue to serve our enterprise clients. To learn more about Cresta’s Security and Compliance program, please visit Cresta’s Trust page.

February 24, 2022

100 South Murphy Ave Ste 300
Sunnyvale, California 94086

Karl-Liebknecht-Str. 29A
10178 Berlin, Germany

100 King Street West
1 First Canadian Place, Suite 6200
Toronto ON M5X 1E8

Info
  • AI Platform
  • Customers
  • Resources
  • Partners
  • Trust
  • About
  • Careers
  • Blog
  • Support
  • Contact Us
Follow us
  • LinkedIn
  • YouTube
  • Twitter

Newsletter

Subscribe for the latest news & updates

© 2025 Cresta

  • Terms of Service
  • Privacy Policy
  • Employee Privacy Notice
  • Privacy Settings