Philterd

Talk to an Expert

Tell us about your stack and the privacy problems you're trying to solve. We typically respond within one business day.

Prefer to skip the form? Pick a time on our calendar →
or send a message

← All industries

Healthcare & Life Sciences

PII Redaction for Healthcare

Self-hosted PII and PHI redaction engineered for the workloads where a leak is the kind of mistake that gets named in an OCR settlement. Runs in your VPC; no data ever leaves your account.

Or deploy Philter yourself →

The healthcare PHI problem

Healthcare data is the most regulated personal data in the U.S., and the most surface-area-rich. A single clinical note can carry 8–12 of the 18 HIPAA Safe Harbor identifiers in a few sentences. EHR exports, billing records, intake forms, patient-portal messages, and the new generation of clinical chatbots all touch PHI at speeds and volumes that manual review can’t keep up with.

The Philterd toolkit is engineered for exactly this surface area — with healthcare-specific NLP models, ready-made HIPAA Safe Harbor policies, and the deployment model your security team will actually approve (your VPC, your encryption keys, your audit trail).

How Philterd handles healthcare

HIPAA Safe Harbor automation

All 18 protected identifiers per 45 CFR 164.514(b)(2), with a ready-made policy in the library. Ages >89 aggregated; ZIP codes truncated to 3 digits per the regulation; custom MRN and account-number patterns for your EHR.

Healthcare NLP lens

Philter ships a purpose-trained NLP lens for clinical text — higher accuracy on physician names, hospital names, medication mentions, and other healthcare-specific entities than general-purpose NER.

BAA-friendly deployment

Stays inside your existing AWS, Azure, or GCP environment — under your existing cloud BAA. No new third-party data path; no new vendor BAA to negotiate.

Date shifting for research

Per-patient random date shifting preserves temporal structure for cohort analysis while breaking direct linkability — satisfies Expert Determination criteria with statistician sign-off.

Medical chatbot guardrails

Drop-in PHI redaction for healthcare chatbots that call hosted LLMs (OpenAI, Anthropic, Bedrock). Preserves clinical context while stripping patient identifiers.

Open source, auditable

Apache 2.0 source on GitHub. Your security team can audit every detection path; no vendor black box; no “trust us, it works” compliance.

Ready-to-use policies

Apache 2.0 policies from the open source policy library — download and load into your Philter instance.

Healthcare v1.0.0

Medical Chatbot — User Input Redaction

Redact PHI from user messages to a healthcare chatbot before they reach the LLM — preserves clinical meaning while removing identifiers.

HIPAAPHIchatbotLLM

Browse the full policy library →

Recent writing on healthcare

Building a HIPAA-Compliant Medical Chatbot

Why generic RAG chatbots fail HIPAA — and a step-by-step blueprint for building a medical chatbot that satisfies Safe Harbor at ingestion, retrieval, and inference. With BAA considerations and a self-hosted-LLM alternative.

Building a Privacy-Aware RAG System

RAG pipelines have two distinct PII leak vectors: ingestion and inference. A defense-in-depth blueprint with code, using Philter, Philter AI Proxy, and the rest of the Philterd toolkit.

All blog posts →

Where healthcare teams start

  1. Deploy Philter from your cloud’s marketplace into a private subnet of your existing VPC. No new infrastructure procurement, no data egress to a third party.
  2. Apply the HIPAA Safe Harbor policy from the open source policy library as your starting point. Tune MRN and account-number patterns for your EHR.
  3. Pipe a representative sample of clinical text through it and have a clinical reviewer spot-check the output. This is your gold-standard test set.
  4. Measure precision and recall with Philter Scope against that gold standard. Iterate on the policy until you hit your bar.
  5. Wire into production pipelines — EHR export, claims processing, RAG ingestion, chatbot input filtering — one stream at a time.

Common deployments

Healthcare teams typically adopt Philterd in one of three patterns:

1. EHR analytics and research pipelines. Clinical notes, claims data, and operational records get de-identified before landing in the analytics warehouse. The research team works on a corpus that’s out of HIPAA scope; the operational team works on the original. Philter handles the de-identification step; the clinical notes de-identification policy (with per-patient date shifting) is the usual starting point.

2. Patient-facing AI features. Symptom checkers, post-discharge follow-up, medication reminders, scheduling assistants. The chatbot calls a hosted LLM (OpenAI, Anthropic, Bedrock) and the user’s message can contain anything. Philter AI Proxy sits between the application and the LLM provider with the medical chatbot policy applied to inbound prompts. PHI never reaches the model.

3. Health-tech product integrations. Health-tech vendors (telehealth platforms, RPM device companies, billing services) sell into covered entities and need a defensible answer to the “how do you handle PHI?” line in every RFP. Embedding Philter (or Phileas as a library) gives them an auditable answer; the HIPAA Safe Harbor policy covers the table-stakes 18 identifiers.

What teams need to be careful about

  • De-identification ≠ redaction. HIPAA distinguishes redacted PHI (still PHI, BAA still required) from de-identified PHI (no longer PHI). Most teams need both, applied to different workflows. The practical guide to data redaction explains the line.
  • “No actual knowledge” requirement. Safe Harbor under 164.514(b)(2)(ii) requires that the covered entity have no actual knowledge that residual data could re-identify someone. Automated redaction doesn’t satisfy that on its own — you still need a documented risk-assessment process.
  • The BAA chain. If you’re calling hosted LLMs (OpenAI, Anthropic, Azure OpenAI, Bedrock), you need a BAA with each one. Major providers offer them under specific commercial agreements; the Philter AI Proxy redaction step does NOT eliminate the BAA requirement — it’s defense in depth.

Build PII redaction into your healthcare pipeline

Healthcare teams that ship privacy infrastructure want a vendor that won’t become the next compliance headache. Talk to the engineers who built the toolkit; get a concrete answer on whether Philterd fits your stack.

Or deploy Philter yourself →