Delete structured outputs section for HIPAA compliance

sailingnat · web-flow · commit 2dd854a2bdd3 · 2026-02-24T17:02:27.000-08:00
Removed section on structured outputs in HIPAA mode, including usage guidelines and configuration instructions as we introduce a new hipaa mode that will allow customers to use structured outputs
diff --git a/fern/security-and-privacy/hipaa.mdx b/fern/security-and-privacy/hipaa.mdx
@@ -97,79 +97,6 @@ When enabling HIPAA compliance, only HIPAA compliant providers may be chosen.
   </Accordion>
 </AccordionGroup>
 
-## Structured Outputs with HIPAA Mode
-
-When HIPAA mode is enabled, Vapi does not store structured outputs by default. This protects privacy but limits your ability to use structured outputs in Insights and Call Logs. For non-sensitive outputs, you can override this behavior.
-
-<AccordionGroup>
-  <Accordion title="How do structured outputs work with HIPAA mode enabled?">
-    By default, when HIPAA mode is on, Vapi doesn't store structured outputs. This keeps data private but limits your ability to use structured outputs in Insights and Call Logs.
-
-    You can enable storage for specific structured outputs using the `compliancePlan.forceStoreOnHipaaEnabled` setting. This allows you to store non-sensitive outputs even when HIPAA mode is active.
-
-    **Important:** Your organization is responsible for ensuring that any structured output with storage enabled does NOT extract or generate PHI or sensitive data. Only use this for non-sensitive information.
-  </Accordion>
-
-  <Accordion title="When should I enable storage for structured outputs in HIPAA mode?">
-    Enable storage ONLY for structured outputs that extract non-sensitive, non-PHI information.
-
-    **Safe use cases:**
-    - Boolean outcomes: `appointmentBooked: true/false`
-    - Call success indicators: `issueResolved: true/false`
-    - General categories: `issueCategory: "billing" | "technical" | "general"`
-    - Satisfaction scores: `csatScore: 1-10`
-    - Call sentiment: `sentiment: "positive" | "neutral" | "negative"`
-
-    **Never enable storage for:**
-    - Patient diagnosis information
-    - Medical record numbers
-    - Social security numbers
-    - Credit card details
-    - Patient names, dates of birth, or contact information
-    - Treatment plans or medication information
-
-    **Warning:** Enabling storage for outputs containing PHI violates HIPAA compliance and your BAA with Vapi.
-  </Accordion>
-
-  <Accordion title="How do I configure structured output storage in HIPAA mode?">
-    You can enable storage for specific structured outputs via the Dashboard or API.
-
-    **Via Dashboard:**
-    1. Navigate to **Structured Outputs** in the left sidebar
-    2. Create or edit a structured output
-    3. Expand the **Compliance Settings** section
-    4. Enable the toggle for "Enable Storage of Structured Outputs while on HIPAA Mode"
-    5. Only enable if your output does not extract sensitive information
-
-    **Via API:**
-
-    When creating a structured output:
-    ```json
-    {
-      "name": "Appointment Booked",
-      "type": "ai",
-      "schema": {
-        "type": "boolean",
-        "description": "Whether an appointment was successfully booked"
-      },
-      "compliancePlan": {
-        "forceStoreOnHipaaEnabled": true
-      }
-    }
-    ```
-
-    When updating a structured output:
-    ```json
-    {
-      "compliancePlan": {
-        "forceStoreOnHipaaEnabled": true
-      }
-    }
-    ```
-
-    **IMPORTANT:** Only set `forceStoreOnHipaaEnabled: true` if you are certain your structured output does NOT extract PHI or sensitive data. Your organization is responsible for ensuring compliance. Misuse could result in BAA violations.
-  </Accordion>
-</AccordionGroup>
 
 ## Best Practices
 
