Healthcare organizations are adopting AI tools at record speed, but sending Protected Health Information (PHI) to third-party AI APIs creates significant HIPAA risk. AI Privacy Gateway masks PHI before it leaves your infrastructure, enabling safe and compliant LLM usage.
Under HIPAA, covered entities and business associates must ensure that Protected Health Information (PHI) is safeguarded when shared with third parties. Using AI APIs presents several challenges:
Many AI API providers do not offer BAAs, or only offer them for enterprise plans. Without a BAA, sending PHI to an AI API violates HIPAA.
HIPAA's Safe Harbor method requires removing 18 specific identifiers from PHI. Manual de-identification is error-prone and time-consuming.
Standard AI API usage lacks the access logs, disclosure tracking, and audit controls required by HIPAA.
AI providers may retain prompts for model improvement. HIPAA requires defined data retention and destruction policies.
The gateway automatically detects and masks the 18 HIPAA-designated identifiers before they reach the AI API:
The gateway implements a HIPAA-compliant de-identification workflow:
[PATIENT_NAME_1], [PHONE_1])docker run -d \
--name ai-privacy-gw \
-p 9999:9999 \
-v ./vault_data:/app/vault_data \
-e TARGET_LLM=https://api.openai.com \
ghcr.io/gunxueqiu6/ai-privacy-gateway:lite
For healthcare deployments, we recommend running the gateway on-premise or in a
HIPAA-compliant cloud environment. Configure your AI API clients to use
http://localhost:9999/v1 as the base URL.
Healthcare organizations often have facility-specific PHI patterns (internal MRN formats, facility codes, etc.). The gateway's admin dashboard lets you add custom regex rules without restarting:
# Medical Record Number pattern
Pattern: MRN-\d7
Type: Custom PHI
Placeholder: [MRN_1]
# Internal Facility Code
Pattern: FAC-\w4-\d3
Type: Custom PHI
Placeholder: [FACILITY_1] If PHI is properly de-identified according to HIPAA's Safe Harbor method (removing all 18 identifiers), the resulting data is no longer considered PHI and a BAA may not be required. However, you should consult with your compliance team to confirm your specific use case.
The gateway is a tool to help you achieve HIPAA compliance, not a certified solution. It provides the technical safeguards required by HIPAA — access controls, encryption at rest, audit logging, and automatic PHI de-identification. You should still conduct a risk assessment and implement appropriate administrative safeguards.
Yes. The gateway runs on any infrastructure. Deploy it in your HIPAA-compliant AWS, Azure, or GCP environment. The gateway itself is stateless and can be deployed behind a VPN or private network.
Yes. Any tool that makes API calls to an LLM can be routed through the gateway. This includes AI scribes, clinical decision support systems, medical coding tools, and patient communication platforms.
The SQLite vault is encrypted using AES-256-GCM. The encryption key is auto-generated on first start and stored locally. You can also set your own key via the VAULT_ENCRYPT_KEY environment variable.
Yes. The admin dashboard provides real-time masking statistics and a searchable log of detected entities. For HIPAA audit purposes, you can export masking logs from the dashboard.
Mask PHI automatically. Keep patient data private. Deploy in 30 seconds.