BAA-ready, PHI-aware AI delivery.
For healthcare engagements that genuinely require healthcare controls — practice management, clinical operations, claims, prior auth, intake, and post-visit workflows where the data is regulated and the wrong shortcut creates a reportable incident. This profile sits on top of the same evaluation-led delivery method as our general practice; it adds only the controls a CISO and a compliance lead need in order to sign off.
Entry offer
Healthcare Scoping & BAA Kit
$10,000
14 days · Fixed scope
The right entry point when the workflow handles PHI, when a BAA needs to be in place before any pilot can run, or when an existing AI initiative is unsure whether its model providers and storage layers cover the regulated paths. The kit produces a written, implementation-ready compliance pack — not slideware.
What you walk away with
- BAA inventory and gap analysis (model providers, hosting, observability, storage).
- Per-engagement data-handling profile (general / regulated / eval-only).
- PHI redaction policy + sample audit log of redactions on representative payloads.
- Allowlisted model catalog with rationale per use case (latency, quality, cost, compliance).
- Compliance pack template: BAA, DPA where applicable, retention and deletion policies.
- First-engagement runbook: incident response, breach notification, escalation contacts.
Controls that ship with every healthcare engagement
The healthcare profile isn't a checkbox — it changes how the platform routes traffic, stores artifacts, and approves actions. Each control below is enforced at the platform layer, not at the prompt layer where it could be circumvented.
BAA-required model allowlist
Only models with executed Business Associate Agreements run in the healthcare profile. Provider-routed models without a BAA are blocked at the platform layer, not at prompt time.
Server-side PHI redaction
Inbound text passes through a redaction layer before any model call. Names, MRNs, dates of birth, addresses, and phone numbers are scrubbed and audited.
Tenant + engagement isolation
Knowledge bases, vector stores, and agent memory are scoped per engagement. Cross-engagement leakage is prevented by tenancy filters enforced at retrieval, with a second scope check at the prompt layer as defense in depth rather than as the control itself.
Audit trail on every action
Each tool call, model invocation, and operator override writes a tenant-scoped audit event. Audit retention is configurable per the engagement's compliance pack.
Human approval on side effects
Email sends, EHR writes, scheduling actions, and any other side-effecting tool require an explicit human approval before execution.
Documented incident response
Runbook, escalation contacts, and breach-notification timing are documented per engagement. Available under NDA for prospective clients.
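To make the enforcement points above concrete, here is a small gateway sketch written for this page; it is an added illustration, not the platform's own code. It assumes a constructed allowlist, a regex-based redactor standing in for a real PHI detector, a constructed knowledge base, a constructed tool registry, and a clinical note built for the demo. It shows the allowlist check running before any provider call, redaction producing a per-category audit event (never the redacted value), the tenancy filter applied inside retrieval, and side-effecting tools refusing to run without a named approver.

```python
import re
from dataclasses import dataclass, field


class PolicyViolation(Exception):
    """Raised when the gateway refuses a request; the refusal is also audited."""


# Assumption: stand-in model ID for a provider with an executed BAA.
BAA_ALLOWLIST = {"provider-a/clinical-model"}

# Constructed redaction rules. A production gateway would use a tuned PHI
# detector; what matters here is that redaction runs before the provider call
# and that each hit is audited by category and length, never by value.
PHI_PATTERNS = {
    "NAME": re.compile(r"(?<=Patient: )[A-Z][a-z]+ [A-Z][a-z]+"),
    "MRN": re.compile(r"\bMRN\s*#?\s*\d{6,}\b"),
    "DOB": re.compile(r"\b\d{2}/\d{2}/\d{4}\b"),
    "PHONE": re.compile(r"\b\d{3}-\d{3}-\d{4}\b"),
}

# Constructed tool registry: True marks a side-effecting tool.
TOOLS = {"lookup_eligibility": False, "send_email": True,
         "ehr_write": True, "schedule": True}

# Constructed knowledge base; every chunk carries its tenant and engagement.
KB = [
    {"tenant": "clinic-a", "engagement": "eng-1", "text": "Prior-auth checklist for imaging."},
    {"tenant": "clinic-a", "engagement": "eng-2", "text": "Post-visit follow-up script."},
    {"tenant": "clinic-b", "engagement": "eng-9", "text": "Claims intake SOP."},
]


@dataclass
class Engagement:
    tenant: str
    engagement_id: str
    audit: list = field(default_factory=list)

    def log(self, event, **detail):
        # Every audit event is tenant- and engagement-scoped.
        self.audit.append({"tenant": self.tenant, "engagement": self.engagement_id,
                           "event": event, **detail})


def redact(eng, text):
    """Scrub PHI server-side; audit each redaction by category and length only."""
    for category, pattern in PHI_PATTERNS.items():
        def scrub(m, category=category):
            eng.log("redaction", category=category, chars=len(m.group()))
            return f"[{category}]"
        text = pattern.sub(scrub, text)
    return text


def route_model(eng, model_id, prompt):
    """Allowlist check first, then redaction; returns the text that would reach the provider."""
    if model_id not in BAA_ALLOWLIST:
        eng.log("model_blocked", model=model_id, reason="no executed BAA")
        raise PolicyViolation(f"{model_id} has no executed BAA")
    safe_prompt = redact(eng, prompt)
    eng.log("model_call", model=model_id, prompt_chars=len(safe_prompt))
    return safe_prompt


def retrieve(eng, query):
    """Tenancy filter enforced at retrieval: other engagements' chunks are never candidates."""
    hits = [c["text"] for c in KB
            if c["tenant"] == eng.tenant and c["engagement"] == eng.engagement_id
            and query.lower() in c["text"].lower()]
    eng.log("retrieval", query=query, hits=len(hits))
    return hits


def call_tool(eng, tool, args, approved_by=None):
    """Unregistered tools are refused; side-effecting tools need a named human approver."""
    if tool not in TOOLS:
        eng.log("tool_blocked", tool=tool, reason="not registered")
        raise PolicyViolation(f"{tool} is not a registered tool")
    if TOOLS[tool] and not approved_by:
        eng.log("tool_blocked", tool=tool, reason="no human approval")
        raise PolicyViolation(f"{tool} requires human approval")
    eng.log("tool_call", tool=tool, approved_by=approved_by)
    return {"tool": tool, "args": args, "status": "executed"}


if __name__ == "__main__":
    eng = Engagement("clinic-a", "eng-1")
    # Constructed note for the demo; no real patient data.
    note = "Patient: Jane Doe, MRN #00123456, DOB 03/14/1985, call 555-123-4567 re: prior auth."
    print(route_model(eng, "provider-a/clinical-model", note))
    print(retrieve(eng, "prior"))
    try:
        call_tool(eng, "send_email", {"to": "scheduling"})
    except PolicyViolation as err:
        print("blocked:", err)
    print(call_tool(eng, "send_email", {"to": "scheduling"}, approved_by="ops-lead"))
    for event in eng.audit:
        print(event)
```

The design choice worth noting: the redaction audit records the category and length of each hit, not the matched text, so the audit trail itself never becomes a second copy of the PHI; and `retrieve` filters on tenant and engagement inside the query rather than asking the model to ignore foreign chunks.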
What this profile is not
Honest framing: a healthcare deployment profile is not a substitute for legal review, covered-entity status, or a HIPAA risk assessment. It is the technical and operational layer that makes those upstream steps usable in production. We won't sign off on regulatory compliance for you, but we will make sure your AI system isn't the thing that breaks compliance you've already established.
- Out of scope: covered-entity determination, OCR audit response, breach-coach retainer.
- Out of scope: EHR integration certification (Epic, Cerner, etc.) — these are deep program engagements with their own gates; we partner with implementation teams that own them.
- Out of scope: claims-submission certification (X12 / EDI). We can route claims data through an AI workflow that respects the cert; we don't replace it.
Security disclosures + incident response
BAA, DPA, redaction-policy walkthrough, and the incident response runbook are available under NDA. Healthcare buyers commonly want to see these before signing the assessment; ask in your intake message and we'll route the request appropriately.