# Data Residency

Amigo supports multi-region deployments with organization-level data isolation. Each organization is scoped to a single region, and data does not leave that region.

## Available Regions

| Region             | Platform API Endpoint                  |
| ------------------ | -------------------------------------- |
| **United States**  | `api.platform.amigo.ai`                |
| **Canada**         | `api-ca-central-1.platform.amigo.ai`   |
| **European Union** | `api-eu-central-1.platform.amigo.ai`   |
| **Australia**      | `api-ap-southeast-2.platform.amigo.ai` |

The global endpoint (`api.platform.amigo.ai`) continues to work and routes to the correct regional infrastructure based on the workspace's configured region. Regional endpoints are available for organizations that require API traffic to stay within a specific jurisdiction.

## Organization-Level Isolation

Each organization is bound to a single region at creation time. All data generated by that organization - conversations, world model events, entity projections, call recordings, agent configurations - stays within the region's infrastructure. There is no cross-region data replication.

Data isolation is enforced at the storage layer. Each organization's data is physically separated - this is structural isolation, not access control.

## Multi-Region Deployments

If you operate across multiple regions (for example, clinics in both the US and Canada), you create a separate organization in each region. Each organization has its own API endpoint, its own data store, and its own set of workspaces. The [Deployment Model](https://docs.amigo.ai/platform-overview/deployment-model) page covers multi-org tenancy patterns for this use case.

There is no cross-region data replication or migration between organizations. If a patient transfers between a US clinic and a Canadian clinic, they exist as separate entities in each region's data store. This is intentional - some jurisdictions prohibit cross-border transfer of health data entirely.

## Choosing a Region

Region selection is permanent for an organization. Choose based on:

* **Regulatory requirements**: Where must your patient data reside? US healthcare organizations typically require US residency for HIPAA. Canadian provincial health acts may mandate in-country storage. EU GDPR has specific rules about data transfer outside the EU.
* **Latency**: Voice calls are latency-sensitive. Choose the region closest to your patient population to minimize audio round-trip time. For text-based interactions, regional latency differences are negligible.
* **Existing infrastructure**: If your EHR systems are hosted in a specific region, co-locating your Amigo organization in the same region minimizes latency for connector runner polling and write-back operations.

If you are unsure, start with the region where your primary patient population and EHR systems are located.

## PHI Handling

Protected health information is isolated at the workspace level within each organization. PHI is encrypted at rest and in transit. Workspace boundaries enforce that one clinic's patient data is not accessible to another clinic's workspace, even within the same organization.

Call recordings follow the same regional isolation. Recordings are stored in the organization's region and are not replicated elsewhere. Time-limited access URLs for recordings are scoped to the requesting workspace.

## Compliance by Region

Region selection determines which jurisdiction's data protection rules apply to your deployment:

| Region             | Primary Frameworks                                            |
| ------------------ | ------------------------------------------------------------- |
| **United States**  | HIPAA, state-specific health information laws                 |
| **Canada**         | PIPEDA, provincial health information acts (PHIPA, HIA, PHIA) |
| **European Union** | GDPR, national health data regulations                        |
| **Australia**      | Privacy Act 1988, My Health Records Act 2012                  |

Amigo's region isolation ensures that data stays within the jurisdictional boundaries your compliance team requires. Business Associate Agreements (BAAs) are executed per organization. For audit and compliance controls, see [Compliance and Audit](https://docs.amigo.ai/safety-and-compliance/compliance).