Healthcare (HIPAA)
HIPAA-aligned protections for healthcare and clinical AI.
Overview
Our Healthcare (HIPAA) profile is purpose-built for the rigorous demands of the healthcare industry. It prioritizes the detection and protection of Protected Health Information (PHI) and attempts to prevent the model from providing dangerous or unverified medical advice.
Note: While this profile provides technical controls to support HIPAA compliance, you must also ensure your Business Associate Agreement (BAA) and data handling processes are in place.
Included Guardrails
6 Rules
PHI Awareness Guardrail
Detects protected health information to support HIPAA compliance.
Medical Advice Guardrail
Restricts medical diagnosis or treatment advice.
PII Detection Guardrail
Detects and optionally redacts personally identifiable information in user input.
Output PII Redaction Guardrail
Redacts personally identifiable information from model output.
Retention Check Guardrail
Validates data retention policies and expiration rules.
User Consent Validation Guardrail
Ensures user consent is present before processing personal data.
Key Benefits
PHI Redaction
Detects 18 HIPAA identifiers in text and redacts them before logging or third-party transmission.
Medical Advice Safety
Flags or blocks instances where the model attempts to diagnose or prescribe.
Consent Verification
Checks for markers of user consent before processing sensitive health data.
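To make "redacts them before logging" concrete, here is an added example (not this product's code or API) of a Python logging filter that scrubs the pattern-detectable subset of the 18 HIPAA identifiers before a handler emits the record. The regexes, the MRN format, the `phi_demo` logger name and the sample values are all assumptions constructed for illustration.

```python
import io
import logging
import re

# Pattern-detectable subset of the 18 HIPAA Safe Harbor identifiers.
# Names, addresses and similar free-text identifiers need NER, not regexes.
# The MRN format is an assumption; record-number formats are site-specific.
PHI_PATTERNS = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("PHONE", re.compile(
        r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]\d{4}(?!\d)")),
    ("MRN", re.compile(r"\bMRN[:#\s]*\d{6,10}\b", re.IGNORECASE)),
    ("DATE", re.compile(r"\b(?:\d{1,2}/\d{1,2}/\d{4}|\d{4}-\d{2}-\d{2})\b")),
    ("IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
]

def redact_phi(text):
    """Return (redacted_text, counts); each match becomes a [LABEL] token."""
    counts = {}
    for label, pattern in PHI_PATTERNS:
        text, n = pattern.subn(f"[{label}]", text)
        if n:
            counts[label] = n
    return text, counts

class PHIRedactionFilter(logging.Filter):
    """Redact the fully formatted message, so PHI passed via args is caught."""
    def filter(self, record):
        record.msg, _ = redact_phi(record.getMessage())
        record.args = None  # args are already merged into msg
        return True

def demo():
    """Log one constructed message and return what the handler emitted."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    # Attach to the handler: logger-level filters skip propagated records.
    handler.addFilter(PHIRedactionFilter())
    log = logging.getLogger("phi_demo")  # hypothetical logger name
    log.handlers = [handler]
    log.propagate = False
    log.setLevel(logging.INFO)
    # Constructed sample values, not real patient data.
    log.info("Patient %s, DOB %s, SSN %s, call %s",
             "MRN: 00482913", "03/14/1961", "123-45-6789", "(555) 010-4477")
    return stream.getvalue()
```

The `counts` dictionary gives the audit trail a per-category tally of what was removed without storing the values themselves.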
Wait, when should I use this?
Integration
{
  "profile": "healthcare-hipaa",
  "data_retention": "zero",
  "audit_trail": true
}
Frequently Asked Questions
Does this replace a doctor?
Absolutely not. The `medical-advice` guardrail is specifically designed to remind users to seek professional help.