Sierra and Lorikeet both build AI agents that resolve customer issues end-to-end. For a healthtech company, the deciding question is not who resolves more tickets, it is who handles protected health information correctly, supports your HIPAA obligations, and lets your compliance team approve the agent's behavior before it ever touches a patient.
This is a head-to-head comparison of Lorikeet and Sierra for healthtech customer support in 2026, scored on the six lenses a regulated healthcare buyer actually evaluates: PHI handling and BAA posture, guardrails, workflows, audit trails, voice, and pricing and deployment. Both are credible agentic platforms. They optimize for different buyers, and the right answer depends on whether your hardest stakeholder is a CFO or a privacy and compliance lead.
Sierra is the enterprise AI agent company from Bret Taylor and Clay Bavor, known for pure outcome-based pricing and a strong cross-industry enterprise track record.
Lorikeet is purpose-built for complex and regulated industries (fintech, financial services, healthtech, insurance, gaming), so healthcare-grade controls are part of the core design rather than a vertical add-on.
For HIPAA, Lorikeet is BAA-ready, holds SOC 2, is GDPR-aligned, supports PII and PHI redaction and RBAC, offers US, AU, and UK data residency, and has contractual no-train agreements with its model providers.
Lorikeet's differentiator is defence in depth: pre-launch adversarial simulations, inbound message checks, outbound guardrails, and 100% post-facto QA through its Coach agent.
Sierra's differentiator is incentive alignment and enterprise breadth across many verticals, not regulated healthcare depth specifically.
Last updated: June 2026
Healthtech support carries a risk profile that generic enterprise CX does not. A patient asking about a prescription refill, an eligibility check, or a lab result is sharing protected health information, and the wrong handling is not a churn event, it is a potential HIPAA breach with notification obligations and OCR exposure. That is why this comparison weights PHI handling, provability, and auditability over headline resolution rate. Both vendors will quote impressive numbers. The question is which one supports your compliance obligations and resolves the hard tickets (eligibility and benefits, prior authorization status, prescription and pharmacy coordination, billing disputes) correctly, not just the easy ones.
Lorikeet vs Sierra at a Glance
Vendor focus. Sierra is a horizontal enterprise AI agent platform serving retail, telco, financial services, healthcare, and more. Lorikeet is vertical by design, built for complex and regulated companies, with healthcare and healthtech among its core target industries alongside fintech and insurance.
HIPAA and PHI posture. Both maintain enterprise security programs. Lorikeet is BAA-ready for HIPAA, holds SOC 2, is GDPR-aligned, supports PII and PHI redaction and RBAC, offers US, AU, and UK data residency, and has contractual no-train agreements with its model providers. These controls are designed to support a covered entity's or business associate's obligations rather than to certify compliance on your behalf, which no vendor can do. Confirm a signed BAA and current security documentation with either vendor under NDA before procurement.
Pricing model. Sierra bills per outcome, charging only when the agent fully resolves a case. Lorikeet bills per resolution on usage: about $0.80 per chat, email, or SMS resolution and about $1.00 per voice resolution, with the customer holding veto power over what counts as a resolution and escalations never charged. Lorikeet publishes a Scale plan reference of 48,000 resolutions for $48,000 per year.
Channels. Both support voice, chat, and email. Lorikeet also runs SMS and WhatsApp plus outbound re-engagement (appointment reminders, refill nudges, abandoned onboarding) with compliance controls, and its voice runs at sub-1-second latency on the same workflow engine as its other channels.
The honest summary: Sierra is the safer institutional choice for a large enterprise that wants outcome-only billing and a recognized name across many verticals. Lorikeet is the stronger fit for a healthtech whose privacy and compliance team needs to test and sign off on how the agent handles PHI before go-live and replay it after.
PHI Handling and HIPAA: Supporting Your Obligations
In healthtech, the first gate is not resolution rate, it is whether the platform can handle protected health information in a way that supports your HIPAA obligations. That starts with a signed Business Associate Agreement and extends to how PHI is redacted, stored, accessed, and kept out of model training.
Lorikeet is BAA-ready, supports PII and PHI redaction so sensitive fields are masked before they need to be, enforces role-based access control, offers US, AU, and UK data residency, and has contractual no-train agreements with its model providers (Anthropic, OpenAI, Gemini) so your patient data is not used to train foundation models. The platform is built for regulated industries from the ground up, so PHI handling is a core assumption rather than a feature retrofitted onto a horizontal product. None of this makes Lorikeet, or any vendor, HIPAA-certified on your behalf. The right framing is that these controls support your obligations as a covered entity or business associate, and your own compliance program still owns the determination.
Where Sierra is genuinely strong: Sierra runs an enterprise security program and works with large, demanding organizations, and offers a BAA to healthcare customers as part of its enterprise motion. For a horizontal enterprise with a mature internal privacy team, Sierra's controls are a legitimate starting point, and its track record across high-volume brands is a real signal of operational maturity.
The distinction is emphasis and default posture. Sierra brings healthcare-capable controls to a platform designed to serve many verticals. Lorikeet designs the whole product around the assumption that the data is regulated and the result may be examined. If your privacy lead wants PHI redaction, no-train guarantees, data residency, and RBAC treated as defaults rather than configurations, that built-for-regulated posture is the deciding factor. If your bar is high but your internal team is equipped to harden a horizontal platform, Sierra clears it.
Guardrails: Provable Behavior Before Go-Live
In a healthcare setting, a guardrail is only useful if you can prove it works before the agent talks to a patient. The cost of an unguarded failure is not a bad review, it is a wrong instruction to a patient or a PHI disclosure to the wrong party.
Lorikeet's approach is defence in depth, layered across the lifecycle. Before launch, the platform runs adversarial simulations and red-teaming against the agent to surface failure modes. At runtime, inbound message checks screen what comes in and outbound guardrails screen what goes out (scripted disclosures, identity verification before disclosing PHI, escalation triggers, refusal to give clinical advice the agent is not authorized to give). After the fact, the Coach agent reviews 100% of tickets for quality. The framing Lorikeet uses is that the LLM is the engine and the platform is the cockpit. The practical benefit for healthtech is that a compliance team can run the guardrail and simulation suite and read the pass and fail results before the agent goes live, rather than approving on trust.
Where Sierra is genuinely strong: Sierra has built real guardrail and supervision tooling and has deployed agents at large, demanding enterprises. Its outcome-only model also creates a natural pressure not to act when the agent is unsure, because an unresolved escalation costs nothing. For many organizations, Sierra's controls are more than adequate, and its production track record is a legitimate signal of maturity.
The distinction is emphasis. Sierra builds guardrails as part of a horizontal enterprise platform. Lorikeet builds the entire lifecycle (simulate, check inbound, guard outbound, QA everything) around the assumption that a regulator or auditor may examine the result. If your evaluation centers on whether a compliance lead can approve behavior pre-launch and audit it later, that lifecycle focus is the deciding factor. If your controls bar is high but conventional, Sierra clears it.
Workflows: Natural Language and Deterministic Logic
Healthtech tickets are rarely single-turn. A real ticket is verify the patient's identity, check insurance eligibility, look up prior authorization status, explain a benefits decision, and schedule a follow-up, in the right order, with recovery when a tool errors mid-chain.
Lorikeet supports two workflow types that combine in a single interaction: natural-language workflows (NLW) for flexible reasoning and deterministic Structured Workflows for steps that must happen the same way every time, such as an identity-verification sequence before any PHI is disclosed or a fixed consent and disclosure script. All configuration is in plain English. The combination matters for healthcare because some steps benefit from model flexibility while others (verifying identity before releasing PHI, refusing to provide clinical advice, escalating a possible adverse event) cannot be left to probabilistic judgment. Lorikeet's Team of Agents can also dispatch sub-agents to coordinate with third parties, for example contacting a pharmacy on a refill or a payer on an eligibility question.
Where Sierra is genuinely strong: Sierra's agent-building model is well regarded for handling complex, branching conversations and for its supervised approach to letting agents take action. Enterprises that have deployed Sierra report capable multi-step handling. Sierra's strength is a polished, opinionated authoring experience backed by a strong applied engineering team.
The difference for a regulated healthcare buyer is the explicit determinism path. When a step must be provably identical every time and tied to an audit record, such as identity verification gating a PHI disclosure, Lorikeet's Structured Workflows give you a deterministic construct rather than relying on the model to behave consistently. For healthcare compliance, that explicitness is often what gets a workflow approved.
Audit Trails: What You Can Prove After the Fact
Audit trail depth is among the most important healthtech-specific capabilities, and it is where most vendors hand you a transcript and call it a log. The standard an auditor or OCR examiner wants is a replayable record of every tool call, prompt, and reasoning step, in order, with timestamps, for any ticket from months ago, including who accessed what PHI and why.
Lorikeet's Coach agent performs 100% automated QA, including root-cause analysis, a ticket quality score, and resolution verification. The framing is the AI evaluating the AI: every ticket is reviewed, not a sample, and the reasoning chain is reconstructable. When an eligibility answer is wrong or a disclosure happens to the wrong recipient, the goal is to point at the exact reasoning step where it went wrong. Coach can also be deployed standalone at about $0.10 per ticket, which means a team can run it as a QA layer even over another vendor's agent or a human team.
Where Sierra is genuinely strong: Sierra provides reporting, analytics, and supervision tooling for the agents it runs, and enterprise customers use it to monitor performance at scale. For many organizations, that visibility is sufficient for internal governance.
The healthcare-specific gap is the standard of evidence. 100% post-facto QA with a replayable per-ticket reasoning chain is a stronger artifact to bring to an audit or breach investigation than aggregate dashboards. If your audit requirement is examination-grade, weight this lens heavily toward Lorikeet. If it is operational visibility, Sierra is competitive.
Voice: Same Agent or a Second Stack
Healthtech support is not chat-only. Patients call about appointments, refills, and bills; clinics confirm by email; portal questions start in chat. The risk is running voice on a different stack from chat and stitching them together with a transcript handoff, which is two agents pretending to be one, and a second place PHI can be mishandled.
Lorikeet runs voice natively on the same workflow engine as chat, email, and SMS, at sub-1-second latency, with natural conversation, multilingual support, and automatic language switching (Voice 2.0 in development, built on ElevenLabs and Cartesia). The same agent and the same workflows carry across channels, so a patient who started in chat does not repeat themselves on a call, the same identity-verification gate runs before any PHI is disclosed regardless of channel, and the agent can take actions on a call (schedule an appointment, trigger a refill request) rather than route to a human. Lorikeet also supports outbound voice for re-engagement (appointment reminders, refill nudges) with compliance controls (DNC, call-hour rules, consent).
Where Sierra is genuinely strong: Sierra offers voice alongside chat and has invested in conversational quality. Sierra's voice agents are used in production at scale, and for enterprises whose primary need is high-quality voice resolution, Sierra is a serious option.
The differentiator is single-engine omnichannel plus action-taking on the call, the consistent PHI-handling gate across channels, and the sub-1-second latency target Lorikeet publishes. If voice is a core channel for regulated patient workflows and you need the agent to take actions rather than only talk, Lorikeet's architecture is built for it. If voice is one of several channels and conversational quality is the priority, both are credible.
Pricing and Deployment: Outcome-Only vs Usage With a Customer Veto
Pricing is where the two philosophies are clearest, and reasonable buyers land on different sides.
Sierra pioneered pure outcome-based pricing: you pay only when the agent fully resolves a case, and escalations to humans cost nothing. The appeal is obvious incentive alignment. The honest caveat, which applies to any outcome-only model and not to Sierra specifically, is that a vendor paid only on full resolution has a structural pull toward the easy tickets and away from the hard ones. In healthtech the hard tickets (eligibility, prior authorization, billing disputes, sensitive clinical coordination) are exactly the ones that matter, so the model can become a quiet selection bias against the work you most need automated.
Lorikeet prices per resolution on usage: about $0.80 per chat, email, or SMS resolution and about $1.00 per voice resolution, with Coach at about $0.10 per ticket. Two design choices address the outcome-only caveat directly. First, the customer defines what counts as a resolution, holding veto power rather than accepting the vendor's definition. Second, escalations are not charged, so the agent is not penalized for handing off a genuinely hard or sensitive ticket. Lorikeet publishes a Scale plan reference of 48,000 resolutions for $48,000 per year. For ROI context, human-handled tickets typically cost about $1.25 to $4 each, so per-resolution AI pricing is well below the human baseline in either model.
Where Sierra's model wins: if your leadership wants the cleanest possible alignment story for a board or CFO (we pay only for outcomes), Sierra's model is easier to explain and defend in that room. It is a legitimately strong procurement narrative.
On deployment, both vendors deploy with hands-on help rather than self-serve. Lorikeet pairs each customer with a forward-deployed PM and engineer; a sandbox can be stood up in roughly 20 to 30 minutes, with a typical path to operational in about a month, and because configuration is in plain English the intent is for your team to own the workflows post-launch. Sierra is known for high-touch implementation with embedded staff, which large enterprises value when they want the vendor deeply involved through and beyond launch. The trade-off is ownership: Lorikeet's plain-English configuration is designed to shift control to your team over time, while Sierra's embedded model favors a vendor-run partnership.
How to Choose Between Lorikeet and Sierra
Use the lens that matches your hardest stakeholder.
Choose Lorikeet if your toughest gate is a privacy or compliance lead, you need a BAA-ready agent with PHI redaction, no-train guarantees, RBAC, and US data residency as defaults, your hardest tickets are eligibility, prior authorization, refills, and billing, you need deterministic workflows for identity verification and disclosure gates, you want 100% post-facto QA and replayable audit trails, and you want voice, chat, email, and SMS on one engine.
Choose Sierra if you are a large enterprise that wants outcome-only billing as the headline procurement story, you operate across multiple verticals rather than healthcare alone, you value a high-touch embedded implementation, you have an internal privacy team equipped to harden a horizontal platform, and you want a widely recognized enterprise name.
Both are real agentic platforms that resolve tickets end-to-end. Sierra's strengths are incentive-aligned pricing, enterprise breadth, and a strong implementation reputation. Lorikeet's strengths are regulated depth, a built-for-PHI posture that supports your HIPAA obligations, defence-in-depth guardrails, deterministic plus natural-language workflows, single-engine omnichannel with sub-1-second voice, and examination-grade audit trails.
Questions to Ask Both Vendors
Demos are built to look good. These questions are built to make a demo break.
Will you sign a BAA, and what is your default posture on PHI redaction, data residency, and no-train agreements with your model providers?
Can my compliance team run your guardrail and simulation suite before go-live and read the pass and fail report?
Show me a replayable audit trail for a decision your agent made last week, end to end, including which PHI it accessed and why.
Do you review 100% of tickets for quality, or a sample?
Can I enforce a deterministic identity-verification step before any PHI is disclosed, on every channel?
Does voice run on the same workflow engine as chat and email, with the same PHI-handling gate, and can the agent take actions on a call?
Who defines what counts as a resolution, you or me?
Lorikeet's Take
Sierra is a strong company with a clean pricing story and a deserved enterprise reputation. For a horizontal enterprise buyer, it is a sensible shortlist entry. Our view, built from working with complex and regulated companies including healthtech, is that regulated support is won or lost on PHI handling and provability. The platforms that get approved are the ones whose data posture supports your HIPAA obligations and whose behavior a compliance team can test before launch and replay after, on the hard tickets, not the easy ones.
That is what Lorikeet is built around: a BAA-ready, built-for-regulated posture, plus simulate the bad paths before you ship, check inbound and outbound at runtime, and QA 100% of tickets after. If that is the bar your team uses, book a Lorikeet demo and bring your hardest 10 tickets. We will run them in your stack against your guardrails before you sign.
Key Takeaways
Lorikeet and Sierra are both genuine agentic platforms; they optimize for different buyers, so the choice depends on whether your hardest stakeholder is a CFO or a privacy and compliance lead.
For HIPAA, Lorikeet is BAA-ready with PHI redaction, RBAC, US, AU, and UK data residency, and contractual no-train agreements as part of a built-for-regulated design; these controls support your obligations rather than certify compliance on your behalf.
Sierra's edge is outcome-only pricing, enterprise breadth across verticals, and a high-touch embedded implementation reputation; healthcare buyers should pair it with a mature internal privacy program.
Lorikeet's edge for healthtech is defence in depth (pre-launch simulations, inbound and outbound guardrails, 100% post-facto QA), deterministic identity-and-disclosure gates, and replayable audit trails.
On channels, both cover voice, chat, and email; Lorikeet adds SMS, WhatsApp, and outbound, with voice on the same engine at sub-1-second latency and the same PHI-handling gate across channels.
Conclusion
Choosing between Lorikeet and Sierra for healthtech support in 2026 is not about which agent resolves more tickets in a demo. It is about which one handles protected health information in a way that supports your HIPAA obligations, which one your compliance team will approve before it touches a patient, which one prices in a way that does not discourage your hardest tickets, and which one gives you an audit trail an examiner will accept. Sierra is the right call for a broad enterprise that wants outcome-only billing and a recognized horizontal platform backed by a strong internal privacy team. Lorikeet is the right call for a healthtech that needs a BAA-ready, built-for-regulated posture, provable behavior before launch, deterministic gates for identity and disclosure, and examination-grade audit trails after. Shortlist both, then test them on the tickets that would put PHI at risk, not the ones that look good on stage.
