HIPAA + AI — PHI in LLM Prompts
Using OpenAI, Anthropic, or any LLM API with patient data (PHI) without a signed Business Associate Agreement (BAA) is a HIPAA violation. Most AI providers only offer BAAs on enterprise tiers costing $20,000+/year. Every hospital IT team quietly using ChatGPT with patient context is at risk.
The Developer Problem
Healthcare developers building AI features — clinical summaries, care gap analysis, documentation assistance — are sending PHI to OpenAI/Anthropic APIs without realising this violates HIPAA. The solution isn't an enterprise contract; it's masking the PHI before it ever leaves the application.
What You Must Build
These are the exact technical components regulators will check for:
PII/PHI detection and masking before prompts are sent to any LLM API
Re-injection of masked values into AI responses before showing to users
Audit log of what PHI was detected and masked in each request
BAA (Business Associate Agreement) with any AI vendor that processes PHI
Consequences of Non-Compliance
Fines $100–$1.9M per violation category per year
HHS OCR investigation and corrective action plan
Public breach notification if >500 records affected
Personal liability for executives under HIPAA criminal provisions
Drop-In Code Solution
Instead of building this from scratch (2–6 weeks of engineering time), use this production-ready package that implements all the required components above.
A lightweight TypeScript middleware wrapper. It intercepts the prompt at the Edge before it leaves your network, uses optimized local regex + lightweight NER to identify and hash all sensitive data, sends the clean prompt to the AI API, and decodes hashes back into real values only inside the secure browser context.
// pii-masker.edge.ts — intercept before prompt leaves network
import { maskPII, unmaskPII } from './pii-masker.edge'
// In your Next.js API route:
export async function POST(req: Request) {
const { prompt } = await req.json()
// Mask PII before sending to OpenAI
const { cleanPrompt, vault } = await maskPII(prompt)
const response = await openai.chat.completions.create({
messages: [{ role: 'user', content: cleanPrompt }]
})
// Restore real values only for the user's browser
const safeResponse = unmaskPII(response.choices[0].message.content, vault)
return Response.json({ content: safeResponse })
}