Hi,
I run a small AI automation agency that builds lead response and workflow automation systems for med spas. I'm currently setting up my HIPAA-compliant infrastructure and need an experienced consultant to walk me through the process and make sure I'm doing it right.
My current tech stack:
• Retell AI (voice AI)
vapi
• Twilio (SMS)
• n8n
• Custom AI workflows for appointment follow-up, lead nurture, and review automation
What I need from you:
1. A 1-2 hour consultation covering HIPAA compliance for AI automation workflows
2. Review of my current stack and identify any compliance gaps
3. Guidance on HIPAA-compliant data architecture — how PHI should flow through my systems safely
4. Advice on what to log, what not to log, and how to configure n8n workflows to avoid PHI exposure
5. Recommendations on any additional safeguards I should have in place
6. Answering my questions in plain language — I'm technical but not a compliance expert
Ideal candidate:
• Experience with HIPAA compliance in SaaS, healthcare tech, or AI systems
• Familiar with Business Associate Agreements (BAAs)
• Has worked with small agencies or startups in the healthcare-adjacent space
• Can explain things clearly without unnecessary legal jargon
• Healthcare attorney or certified HIPAA compliance officer is a plus but not required
This is likely a 2-3 hour engagement to start with potential for ongoing advisory work as my agency grows into the med spa niche.
Please include in your proposal:
• Your background with HIPAA compliance
• Any experience with AI or automation tools in healthcare settings
Looking forward to hearing from you.