PHI containment is architectural.

Default is block. Allow requires all 3 layers.

We don't scrub PHI. We extract clinical facts as codes — leaving no room for PHI to exist.

Every outbound payload passes a three-layer egress gate: field allowlist, value pattern scan, and structural integrity check. No field leaves the system without clearing all three. This is not a filter — it's a fail-closed architecture.

3Egress gate layers

BlockDefault posture

0 fieldsPHI in output

Fail-closedArchitecture

Three-Layer Egress Gate

Layer 1: Field-Level Allowlist

Only pre-approved field names pass through. Unknown fields are stripped.

All fields in allowlist

Layer 2: Value-Level Pattern Scan

Regex + NER scan on all output values. Catches names, DOBs, MRNs, SSNs, addresses, phone numbers.

No PHI patterns detected in values

Layer 3: Payload-Level Hash Check

Final payload hash compared against known-safe schema. Any structural deviation triggers block.

Payload hash matches known-safe schema

Payload Inspector — Select a scenario

Egress-Safe PayloadPASSED

{

"fact_id": "f_demo_s001",

"icd10_code": "I50.22",

"icd10_display": "Chronic systolic heart failure",

"snomed_code": "441481004",

"hcc_category": "226",

"raf_weight": "0.36",

"assertion": "present",

"section": "PMH",

"phrase": "chronic systolic heart failure",

"confidence": "0.846"

}

Gate Audit Log

Layer 1: Field-Level Allowlist

All fields in allowlist

Layer 2: Value-Level Pattern Scan

No PHI patterns detected in values

Layer 3: Payload-Level Hash Check

Payload hash matches known-safe schema

Cleared — All 3 Layers

This payload contains only structured clinical codes, standardized values, and pre-approved field names. No PHI. No free text. No identifiers. Safe for downstream AI, analytics, or external transmission.

Stays Local

Clinical note text

Patient names

DOB, SSN, MRN

Addresses, phones

Provider names

Original sentences

Egress-Safe

ICD-10 / SNOMED codes

HCC categories + RAF

Lab values (no dates)

Assertion status

Decision trace rules

Confidence scores

Without architectural containment, AI cannot safely reason over clinical state. We have structured clinical data with no PHI. That means any AI — GPT-4, Claude, open-source — can safely process our output without HIPAA exposure. This is not a feature. It's the reason the rest of the system is possible.

Deployment

Customer VPC

Dedicated tenant

On-premise available

Certifications

SOC 2 Type II (planned)

HITRUST CSF (planned)

TLS 1.3 encryption

Data Ownership

All data customer-owned

No model training on your data

Full deletion on request

Synthetic payloads. Fail-closed architecture. Every output auditable. Zero PHI in transit.