Your data stays yours
- Your connector credentials are yours. When you connect a tool, you paste your own token or app keys, stored securely for your organization. You can revoke access any time by disconnecting. See Connectors overview.
- You control what the agent can do. Every capability a connector exposes is set by you — read, ask-first, or blocked. Writes to your external tools ask for approval before they happen. See Permissions.
- Patient information is kept out of places it shouldn’t be. For example, Rivvi never displays patient details inside Microsoft Teams — it links you back to the secure workspace instead.
Outreach guardrails
Rivvi enforces the rules on every outreach path:- You approve every launch. No run goes out without your click on the launch card. Rivvi never dials on its own. See Launching outreach.
- Opt-outs are respected. Anyone who has opted out is never contacted, and opt-outs captured during a call take effect right away.
- Calling hours are enforced. Rivvi won’t place calls outside the office hours you set — protecting you under calling-time rules.
Compliance
Rivvi operates under a signed Business Associate Agreement (BAA) for handling protected health information, and it holds off on protected-health-information workflows until that agreement is in place. Some capabilities — like the Echo referral-calling program — stay off until your BAA is signed.Trust & security
For our security posture, certifications, and legal documents, visit rivvi.ai.