Skip to main content
Rivvi is built for healthcare and other regulated outreach. Protecting patient information and staying within the rules isn’t an add-on — it’s how the product is designed.

Your data stays yours

  • Your connector credentials are yours. When you connect a tool, you paste your own token or app keys, stored securely for your organization. You can revoke access any time by disconnecting. See Connectors overview.
  • You control what the agent can do. Every capability a connector exposes is set by you — read, ask-first, or blocked. Writes to your external tools ask for approval before they happen. See Permissions.
  • Patient information is kept out of places it shouldn’t be. For example, Rivvi never displays patient details inside Microsoft Teams — it links you back to the secure workspace instead.

Outreach guardrails

Rivvi enforces the rules on every outreach path:
  • You approve every launch. No run goes out without your click on the launch card. Rivvi never dials on its own. See Launching outreach.
  • Opt-outs are respected. Anyone who has opted out is never contacted, and opt-outs captured during a call take effect right away.
  • Calling hours are enforced. Rivvi won’t place calls outside the office hours you set — protecting you under calling-time rules.

Compliance

Rivvi operates under a signed Business Associate Agreement (BAA) for handling protected health information, and it holds off on protected-health-information workflows until that agreement is in place. Some capabilities — like the Echo referral-calling program — stay off until your BAA is signed.

Trust & security

For our security posture, certifications, and legal documents, visit rivvi.ai.

Questions

For a security review, a BAA, or a data-handling question, reach out at support@rivvi.ai.