Security Policy
Healthcare Agent is built for healthcare from the ground up. Security and patient privacy are not add-ons — they are foundational to every architectural decision we make. This page describes how we protect your data and your patients' data.
Infrastructure
Healthcare Agent is hosted on Aptible, a HIPAA-compliant platform-as-a-service designed specifically for regulated industries. Aptible provides:
- Dedicated, isolated infrastructure with encrypted storage volumes
- Automated, encrypted database backups
- Network isolation and private subnets
- SOC 2 Type II and HITRUST CSF certified infrastructure
- Intrusion detection and host-based monitoring
All data is stored in the United States. We do not store or process data outside of the US.
Encryption
Data at rest
All data at rest is encrypted using AES-256. Database volumes on Aptible use full-disk encryption. Sensitive credentials — such as EHR API keys and OAuth tokens stored in our database — are additionally encrypted at the application layer using AES-256-GCM with per-tenant encryption keys.
Data in transit
All data in transit is encrypted using TLS 1.2 or higher. This applies to:
- Communication between patients/clinics and our servers (HTTPS)
- Communication between our application and databases
- Communication with third-party services (EHR APIs, Anthropic, SendGrid)
- Internal service-to-service communication
We enforce HTTPS for all endpoints. HTTP requests are redirected to HTTPS. HSTS headers are set with a minimum max-age of one year.
Authentication and Access Control
Admin authentication
Clinic administrators authenticate using email and password. Passwords are hashed using industry-standard password hashing. We never store plaintext passwords.
Sessions are managed server-side using secure session cookies with industry-standard protections. Session tokens are cryptographically random, and sessions expire automatically.
Widget authentication
The embeddable chat widget authenticates using short-lived cryptographically signed tokens. Tokens are issued only to registered domains and refresh automatically. No API keys or credentials are exposed in client-side code.
Server-to-server integrations use hashed API keys. Plaintext keys are never retained after initial creation.
Session security
Chat sessions include protections against token theft and replay attacks. Sessions are bound to client characteristics and automatically expire after inactivity.
Patient verification
Before any protected health information is shared through the chat widget, patients are verified using a one-time password (OTP) sent to the phone number or email on file in the clinic's EHR system. This ensures that PHI is only accessible to the verified patient.
Role-based access control (RBAC)
The admin dashboard enforces role-based access. Permissions are assigned based on user roles, and access to sensitive operations (such as modifying policies, viewing audit logs, or managing API credentials) is restricted to authorized users. We follow the principle of least privilege — users only have access to the functionality they need.
Audit Logging
Healthcare Agent maintains an immutable audit trail of all security-relevant events, including:
- All access to protected health information
- Admin login and logout events
- Changes to clinic configuration and policy rules
- Patient verification attempts (successful and failed)
- API credential creation, rotation, and revocation
- Data export and deletion requests
Audit logs are append-only and cannot be modified or deleted by any user, including administrators. Logs include timestamps, user identity, action performed, and the resource affected. Audit logs are retained for a minimum of 7 years to meet HIPAA requirements.
Response Sanitization
All AI-generated responses pass through a response sanitization layer before being delivered to the patient. This layer inspects outbound text for patterns that should never appear in patient-facing output, including:
- System prompt fragments and internal configuration directives
- Internal tool names and function identifiers
- Leaked API keys or credentials
- PHI patterns such as Social Security numbers that may surface from tool results
Detected patterns are either blocked (the response is withheld) or redacted (sensitive substrings are replaced with [redacted]) depending on the category. This provides defense-in-depth against prompt injection attacks that attempt to exfiltrate system instructions or internal data.
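A minimal sketch of such a block-or-redact layer, added here as an illustration and not Healthcare Agent's own code. The patterns, the canary marker, the tool names, the fallback text and the mapping of categories to block or redact are all assumptions made for the example.

```python
import re
import unicodedata
from typing import NamedTuple

FALLBACK = "Sorry, I can't share that. Please contact the clinic directly."

# (category, action, pattern). Every pattern here is constructed for the
# example, as is the choice of which categories block and which redact.
RULES = [
    ("system_prompt", "block", re.compile(r"HA-CANARY-[0-9a-f]{8}|BEGIN SYSTEM PROMPT", re.I)),
    ("tool_name", "block", re.compile(r"\b(?:lookup_patient_record|ehr_fetch_appointments)\b")),
    ("credential", "redact", re.compile(r"\bsk-[A-Za-z0-9]{20,}\b")),
    ("ssn", "redact", re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")),
]

class Verdict(NamedTuple):
    action: str        # "allow", "redact" or "block"
    text: str          # what may be delivered to the patient
    categories: tuple  # categories that matched

def normalize(text: str) -> str:
    """Fold compatibility forms (e.g. fullwidth digits) and drop invisible
    format characters such as zero-width spaces that could split a pattern."""
    text = unicodedata.normalize("NFKC", text)
    return "".join(ch for ch in text if unicodedata.category(ch) != "Cf")

def sanitize(text: str) -> Verdict:
    text = normalize(text)
    # Blocking categories are checked first: one hit withholds the whole response.
    for category, action, pattern in RULES:
        if action == "block" and pattern.search(text):
            return Verdict("block", FALLBACK, (category,))
    # Redacting categories replace only the sensitive substring.
    hits = []
    for category, action, pattern in RULES:
        if action == "redact":
            text, count = pattern.subn("[redacted]", text)
            if count:
                hits.append(category)
    return Verdict("redact" if hits else "allow", text, tuple(hits))
```

Normalizing before matching matters because a pattern check on raw text can be bypassed by output containing invisible or lookalike characters.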
AI Supervisor
Every AI response is evaluated by a supervisor layer that checks for policy compliance, safety, and correctness before delivery to the patient. The supervisor operates with retry-then-fail-closed behavior: if a response fails the safety check, it is regenerated with corrective guidance. If the retry also fails, the system returns a safe fallback message rather than delivering potentially non-compliant content. This fail-closed design ensures that uncertain or problematic responses are never shown to patients.
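The retry-then-fail-closed flow described above, sketched as an added example rather than the product's implementation. The `generate` and `check` callables, the fallback wording and the treatment of errors as failed checks are assumptions.

```python
from typing import Callable, NamedTuple, Optional

SAFE_FALLBACK = "I'm not able to help with that here. Please contact the clinic directly."

class Outcome(NamedTuple):
    text: str                     # what the patient sees
    delivered_model_output: bool  # False means the fallback was used
    attempts: int
    reasons: tuple                # why each rejected draft failed

def supervised_reply(generate: Callable[[Optional[str]], str],
                     check: Callable[[str], tuple],
                     max_attempts: int = 2) -> Outcome:
    """generate(guidance) returns a draft; check(draft) returns (passed, reason).
    Both are hypothetical hooks standing in for the model and the supervisor."""
    guidance, reasons = None, []
    for attempt in range(1, max_attempts + 1):
        try:
            draft = generate(guidance)
            passed, reason = check(draft)
        except Exception as exc:
            # Assumption: an error or malformed verdict counts as a failed
            # check, so an outage of the supervisor cannot let a draft through.
            passed, reason = False, f"error: {type(exc).__name__}"
        if passed is True:  # only an explicit True passes; None or "yes" do not
            return Outcome(draft, True, attempt, tuple(reasons))
        reasons.append(reason)
        # Corrective guidance for the regeneration attempt.
        guidance = f"Previous draft rejected: {reason}. Revise to comply."
    # Every attempt failed: deliver the fallback, never an unchecked draft.
    return Outcome(SAFE_FALLBACK, False, max_attempts, tuple(reasons))
```

The only return path that carries model output is the one guarded by an explicit pass, which is what makes the loop fail closed.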
Incident Response
We are developing a documented incident response plan that will be in place prior to launch, covering detection, containment, investigation, and notification. In the event of a security incident involving PHI:
- Detection: We use automated monitoring, alerting, and log analysis to detect anomalous activity. Aptible's infrastructure monitoring supplements our application-level detection.
- Containment: Upon detecting a potential breach, we immediately work to contain the incident, preserve evidence, and assess the scope of impact.
- Investigation: We conduct a thorough investigation to determine the root cause, the data affected, and the individuals impacted.
- Notification: In accordance with HIPAA, we notify affected covered entities without unreasonable delay, and no later than 60 days after discovery of a breach. We provide all information required by the HIPAA Breach Notification Rule, including a description of the breach, the types of information involved, and recommended steps for affected individuals.
- Remediation: We implement corrective measures to prevent recurrence and document lessons learned.
Vulnerability Management
We take a proactive approach to identifying and addressing security vulnerabilities:
- Dependency scanning: We use automated tools to monitor third-party dependencies for known vulnerabilities and apply patches promptly.
- CI/CD security checks: Security linting and vulnerability scanning are integrated into our continuous integration pipeline. Code changes are reviewed before deployment.
- Penetration testing: We will conduct penetration testing prior to launch and annually thereafter by qualified third parties. Findings will be prioritized and remediated based on severity.
- Responsible disclosure: We welcome reports from security researchers. If you discover a vulnerability, please report it to security@healthcareagent.com.
Sub-Processors
We use a limited number of third-party sub-processors to provide the Service. Each sub-processor has been evaluated for security and HIPAA compliance, and appropriate agreements (including BAAs) will be executed prior to launch.
| Sub-Processor | Purpose | Data Processed | HIPAA Status |
|---|---|---|---|
| Aptible | Application hosting, database, infrastructure | All application data, including PHI | BAA required prior to processing PHI |
| Anthropic (Claude API) | AI language model for patient assistant | Conversation content, which may include PHI | BAA required prior to processing PHI |
| SendGrid | Transactional email delivery | Email addresses, message content (OTP codes, notifications) | BAA required prior to processing PHI |
We notify customers before adding new sub-processors that will handle PHI. Our sub-processor list is kept current on this page.
Compliance Roadmap
SOC 2 Type II
We are pursuing SOC 2 Type II certification. Our infrastructure provider (Aptible) is already SOC 2 Type II certified, and we are building our organizational controls to meet the Trust Services Criteria for Security, Availability, and Confidentiality.
HITRUST
HITRUST CSF certification is on our roadmap as the product and team scale. Our infrastructure already operates on HITRUST-certified systems through Aptible.
Security Contact
To report a security vulnerability or ask a question about our security practices:
Email: security@healthcareagent.com
We acknowledge all security reports within 2 business days and aim to provide an initial assessment within 5 business days. We do not pursue legal action against researchers who report vulnerabilities in good faith and do not access or modify patient data.